Hosting Provided By

RE: Client script access to server cert info

From: Jimi Thompson <jimit(at)myrealbox.com>
Date: Wed Apr 16 2003 - 20:37:34 EDT

What all of you are referring to is known as a "Certificate Revocation List" and that is the one part of the current PKI standard that is largely NOT implemented. Even if you had JavaScript or some other bit of code to do the checking most Certificate Authorities simply don't support the checking.

If you are looking to implement this on your own private CA, I would suggest that you create and LDAP server and load the certs in there. Anything that cannot be verified against the cert in the LDAP would be invalid and the transaction processing would then stop.

HTH, At 5:48 PM +0200 4/16/03, Dawes, Rogan (ZA - Johannesburg) wrote:
>I did a quick search for Tony's search term, and it looks like he was

-- 
Thanks,

Ms. Jimi Thompson, CISSP, Rev.

"I'm a great believer in luck, and I find the harder I work, the more 
I have of it." -- Thomas Jefferson

Received on Wed Apr 16 21:43:42 2003

This message: [ Message body ]
Next message: EEshwar: "Execution of Javascript from PERL"
Previous message: n30: "Re: Client script access to server cert info"
In reply to Dawes, Rogan (ZA - Johannesburg): "RE: Client script access to server cert info"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:50 EDT