massimiliano.se... Wed, 06/04/2008 - 09:12

Hi,

Thank you for your response.

I mean CSL and not Certification Revocation List (CRL).

Best regards.

Massimiliano.

Farrukh Haroon Wed, 06/04/2008 - 11:18

Ahh I just learned there is something known as a CSL, but has this been even approved by the IETF or any standards body? I see someone sharing the first name as yours all over the web suggesting this concept (and suggesting its inclusion in OpenCA), but it seems nobody is interested? Can you please explain a bit about this standard (if one exists?).

As per my understanding, this works with OSCP. AFAIK the IOS supports OSCP. ASA 8.x also has limited OSCP support (not 100% sure about this). Don't know about the VPNC, but I really doubt it. Left alone this CSL bit.

Regards

Farrukh

massimiliano.se... Wed, 06/04/2008 - 22:56

Hi,

I know that there is a a possibility for a Certification Authority of suspending a certificate without revoking it. It is a method less drastic with refer to revoking a certificate. The repository of suspended certificates, I think, is Certification Suspension List (CSL). This may be useful when you must "reactivate" a suspended certificate; you don't have to re-iussue the certifcate.

Thanks for your response.

Best regards.

Massimiliano.

P.S.: I don't know who suggests this concept and its inclusion in Open CA

Actions

This Discussion