From a brief look at the cert validation code, it appears that there's
no way to do non-blocking IO while performing on-line revocation checks,
e.g. querying a CDP or an OCSP responder.
Is that correct? Specifically, I see in ssl_cert.c a call is made to
X509_verify_cert(), or a user-supplied
On Mon, Jun 04, 2007, Brian Craft wrote:
From a brief look at the cert validation code, it appears that there's
no way to do non-blocking IO while performing on-line revocation checks,
e.g. querying a CDP or an OCSP responder.
Is that correct? Specifically, I see in ssl_cert.c a call is