06-04-2008 12:16 AM
Hi,
How I can enable the support for Certificate Suspension List (CSL) on a VPN Concentrator 3080?
Thank you.
Best regards.
Massimiliano.
06-04-2008 06:59 AM
DO you mean a CRL?
Regards
Farrukh
06-04-2008 09:12 AM
Hi,
Thank you for your response.
I mean CSL and not Certification Revocation List (CRL).
Best regards.
Massimiliano.
06-04-2008 11:18 AM
Ahh I just learned there is something known as a CSL, but has this been even approved by the IETF or any standards body? I see someone sharing the first name as yours all over the web suggesting this concept (and suggesting its inclusion in OpenCA), but it seems nobody is interested? Can you please explain a bit about this standard (if one exists?).
As per my understanding, this works with OSCP. AFAIK the IOS supports OSCP. ASA 8.x also has limited OSCP support (not 100% sure about this). Don't know about the VPNC, but I really doubt it. Left alone this CSL bit.
Regards
Farrukh
06-04-2008 10:56 PM
Hi,
I know that there is a a possibility for a Certification Authority of suspending a certificate without revoking it. It is a method less drastic with refer to revoking a certificate. The repository of suspended certificates, I think, is Certification Suspension List (CSL). This may be useful when you must "reactivate" a suspended certificate; you don't have to re-iussue the certifcate.
Thanks for your response.
Best regards.
Massimiliano.
P.S.: I don't know who suggests this concept and its inclusion in Open CA
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide