RE: Extension in CRLs never used????

Thu, 28 Feb 2002 10:56:05 -0800

Title: RE: Extension in CRLs never used????

They probably want to remain compatible with the old softwares.
Sorry for the attached files.

-----Message d'origine-----
De : [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]De la part de Mads Rasmussen
Envoye : jeudi 28 fevrier 2002 16:13
A : [EMAIL PROTECTED]
Cc : Francois Guerry
Objet : RES: Extension in CRLs never used????


Thanks,

Thats exactly why I would like to use the version 2 crl, it just seems
that none of the most established CA's uses it. I find the idea of
reason code excellent and useful. Have you any idea why it isn't used?

Just one more thing, you wrote that you attached 2 crls, maybe our
firewall removed these because I didn't receive any. Could you send them
in a zipfile?

Mads Rasmussen

-----Mensagem original-----
De: Francois Guerry [mailto:[EMAIL PROTECTED]]
Enviada em: quinta-feira, 28 de fevereiro de 2002 10:16
Para: '[EMAIL PROTECTED]'
Assunto: RE: Extension in CRLs never used????

the crlEntryExtensions can be used for the Reason Code (oid=
id-ce-reasonCode = 2.5.29.21)
reasonCode EXTENSION ::= {
        SYNTAX CRLReason
        IDENTIFIED BY id-ce-reasonCode
}
CRLReason ::= ENUMERATED {
        unspecified(0),
        keyCompromise(1),
        cACompromise(2),
        affiliationChanged(3),
        superseded(4),
        cessationOfOperation(5),
        certificateHold(6),
        removeFromCRL(8)
}

Some of crlExtensions are :
CRLNumber (id-ce-cRLNumber = 2.5.29.20)
Delta CRL indicator (id-ce-deltaCRLIndicator = 2.5.29.27)
Issuing Distribution Point (id-ce-issuingDistributionPoint = 2.5.29.28)

2 attached CRLs with extensions for example


-----Message d'origine-----
De : [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]De la part de Mads Rasmussen
Envoye : jeudi 28 fevrier 2002 13:13
A : [EMAIL PROTECTED]
Objet : Extension in CRLs never used????



Hi there,

A question about certificates:

In the rfc 2459 definition of the crl format

5.1 CRL Fields (page 42)

TBSCertList  ::=  SEQUENCE {
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

 

Attachment: crls.zip
Description: Binary data

Reply via email to