Hello Simon,
thank you for crl_check() sharing. It seems crl file loading and lookup
logic is already in SSleay-0.9.0. I did try to always run CRL check
and not to complain if there's no CRL available from some issuers.
Propably there can be cert checking policy options in ssleay.cnf sometime.
Vadim Fedukovich
> >here's some entries in wishlist to check lastUpdate, nextUpdate, extensions
> >too when local policy will specify requirements.
>
> I've been doing CRL checks in SSLrshd and my other SSL apps since
> about SSLeay-0.66 vintage. I use a multi-value return code as described
> below. I use the nextUpdate field to check if the CRL is current.
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
