Kathleen Wilson wrote: >> And since CRL support was dropped in recent Firefox/Seamonkey >> releases there's >> no revocation checking mechanism for those certs at all. > > That's not technically accurate for EV certificates. The user interface to > manually import CRLs was dropped, but CRLs are still being checked. Currently > for EV certs, if the OCSP URI is not present, then the CRL is checked.
??? Yes, the CRL import UI was dropped and AFAIK there's no support for CRLDP extension. So how is the right CRL imported? Ciao, Michael. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
