Hodie IV Non. Mai. MMXI, Viliam Ďurina scripsit:
Thanks very much for the hints. Finally, I decided to generate CRL for three
years and replace it, when something needs to be revoked, if ever. I think
the support is not good. We will have to distribute the CRL issuer
certificate to partner
That's what I'm not sure about either. I think the general knowledge about CRL
is low among developers and administrators, considering mine and googled
knowledge. I looked at verisign's Class 1 Public Primary Certification
Authority crl and it has validity from 2011-03-22 until 2011-07-01.