Ram A M wrote:
Building on this as a phase-in approach, perhaps if a CDP (CRL pointer)
is present in a certificate a button saying "check CRL" could appear
somewhere appropriate, and if an OCSP AIA (OCSP pointer) is present ...
The problem with CRL DPs is the patent issue. I think it likely that
CRL DP support will be implemented as a plugin for NSS, where the plugin
will not be open source nor freely available while the patent remains.
Companies (or more generally, "parties") who are licensees of the patent
and distribute products based on NSS could integrate such a plugin in
their products. But an open source implementation would probably
constitute inducement to infringe. (IANAL)
--
Nelson B
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
