johansen at sun.com wrote:
> On Fri, Aug 14, 2009 at 09:24:00AM +0100, Darren J Moffat wrote:
>> johansen at sun.com wrote:
http://sac.eng/Archives/CaseLog/arc/PSARC/2009/430/20090811_darren.moffat
>>> I would recommend using the certificate directory approach instead of
>>> creating a single
On 08/14/09 08:08 AM, johansen at sun.com wrote:
> [Originally sent this to Darren, but forgot to CC PSARC-ext]
>
> Hi Darren,
>
> I got forwarded a pointer to this case that you filed. Thanks for
> taking the time to do this.
>
>
>> http://sac.eng/Archives/CaseLog/arc/PSARC/2009/430/20090811_d
johansen at sun.com wrote:
> [Originally sent this to Darren, but forgot to CC PSARC-ext]
I didn't get that email.
> Hi Darren,
>
> I got forwarded a pointer to this case that you filed. Thanks for
> taking the time to do this.
>
>> http://sac.eng/Archives/CaseLog/arc/PSARC/2009/430/20090811_d
On Fri, Aug 14, 2009 at 09:24:00AM +0100, Darren J Moffat wrote:
> johansen at sun.com wrote:
>>> http://sac.eng/Archives/CaseLog/arc/PSARC/2009/430/20090811_darren.moffat
>>
>> I would recommend using the certificate directory approach instead of
>> creating a single file with all certificates.
>
[Originally sent this to Darren, but forgot to CC PSARC-ext]
Hi Darren,
I got forwarded a pointer to this case that you filed. Thanks for
taking the time to do this.
> http://sac.eng/Archives/CaseLog/arc/PSARC/2009/430/20090811_darren.moffat
I would recommend using the certificate directory ap
Garrett D'Amore wrote:
> Darren J Moffat wrote:
>> Garrett D'Amore wrote:
>>> Putting all the certs in one mondo file gives me a few minor
>>> concerns, which might be insignificant, but I want to ask them anyway:
>>>
>>> 1) Do end users have any control over which CAs they do or do not
>>> trust
Garrett D'Amore wrote:
> Putting all the certs in one mondo file gives me a few minor concerns,
> which might be insignificant, but I want to ask them anyway:
>
> 1) Do end users have any control over which CAs they do or do not
> trust? (What if they want all of the CAs except one?)
The end u
Darren J Moffat wrote:
>>
>> So the tools are responsible for making this check themselves, using
>> OCSP, right? That makes sense -- end users don't have to take any
>> specific action to get the CRL checking.
>
> In general they may use OCSP but not on the CA certs files only on the
> SSL ser
Darren J Moffat wrote:
> Garrett D'Amore wrote:
>> Putting all the certs in one mondo file gives me a few minor
>> concerns, which might be insignificant, but I want to ask them anyway:
>>
>> 1) Do end users have any control over which CAs they do or do not
>> trust? (What if they want all of th
Putting all the certs in one mondo file gives me a few minor concerns,
which might be insignificant, but I want to ask them anyway:
1) Do end users have any control over which CAs they do or do not
trust? (What if they want all of the CAs except one?)
2) How are CRL handled?
3) How will updat
Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
This information is Copyright 2009 Sun Microsystems
1. Introduction
1.1. Project/Component Working Name:
Default system CA (X.509) Certificates
1.2. Name of Document Author/Supplier:
Author: Darren Moffat
1.3 Date
11 matches
Mail list logo