You should not be able to use an expired/revoked certificate to successfully
complete an SSL handshake. This actually occurs out of band, the certificate
has the information in it for any individual to contact a server and verify
the validity of it. However I know Microsoft utilities have a tendency to
not verify the certificates by default, so it is entirely possible that you
could successfully complete an SSL connection with a revoked certificate.
Joe
----- Original Message -----
From: "Dou Qiang" <[EMAIL PROTECTED]>
To: "OpenSSL" <[EMAIL PROTECTED]>
Sent: Wednesday, March 07, 2001 11:11 PM
Subject: What happened when certificate is revoked ?
> I am always wondering about what happened when server or client
certificate is revoked. Can I use a revoked certificate to pass the SSL
handshake process ? Are there any Certificate checking operations in the SSL
protocol ?
>
> Dou Qiang
> [EMAIL PROTECTED]
>
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
