2 Jan
2009
2 Jan
'09
12:06 p.m.
On Fri, 2 Jan 2009 17:53:55 +0100 "Terje Bless" <link@pobox.com> wrote:
On Fri, Jan 2, 2009 at 5:44 PM, <Valdis.Kletnieks@vt.edu> wrote:
Hmm... so basically all deployed FireFox and IE either don't even try to do a CRL, or they ask the dodgy certificate "Who can I ask if you're dodgy?"
Hmm. Don't the shipped-with-the-browser trusted root certificates include a CRL URL?
Every CA runs its own CRL server -- it has to be that way. --Steve Bellovin, http://www.cs.columbia.edu/~smb