On 02/08/2012 09:58 PM, From Jean-Marc Desperrier:
Whereas the optimal solution would be to download each day a delta CRL, with only the difference with the previous day, and containing only the revocation reasons you *really* care about (key compromise).
A certificate can be either valid, expired or revoked. A revoked certificate is not valid, no matter the reason (which does not have to be present in the CRL).
-- Regards Signer: Eddy Nigg, StartCom Ltd. XMPP: start...@startcom.org Blog: http://blog.startcom.org/ Twitter: http://twitter.com/eddy_nigg -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto