you might also try asking this on mozilla.dev.tech.crypto :) thanks, ian
----- Original Message ----- From: "r andrews" <[email protected]> To: [email protected] Sent: Thursday, April 11, 2013 12:25:17 PM Subject: Firefox behavior with CDPs and AIAs I know that FF allows you to choose a CRL and it will check status against that CRL when it finds a cert issued by the CRL issuer. Does anyone know if FF uses the CDP in the cert or the cert's issuer name as a key to find the CRL? The reason I ask is in regards to partitioned CRLs, where a CA could, for example, have one CRL for odd serial numbers and one for even. The CA would put the appropriate CDP in each cert, but would that confuse FF? Same question about OCSP responses and AIA. Does anyone know the answers for IE? _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
