Um, IINM, checking CRLs is a feature that is turned on in the advanced
options part of the Internet Control panel, and is OFF by default
(probably for the same reason as in mozilla).
In IE6 (at least some of the more recent versions) our original root certificate started to fail for IE users because it didn't contain a CRL, and recent versions of outlook were also exhibiting the same behavour, basically MS had changed the default from off, to on and well yea, was an interesting situation to be in.
I'm running XP at the moment, which has IE 6 on it (though I rarely use it). I just checked the Internet options control panel. It has two checkboxes for checking revocation.
One controls revocation checks for certs used to sign downloaded software (so called "software publishing"). It's checked.
The second controls revocation checks for https. It's NOT checked.
I don't recall ever changing these settings.
-- Nelson B
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
