Arno Garrels wrote: > With OpenSSL it's easy to generate a CRL and to include its weblink > in self created certificates. If you will use commercial SSL server > certificates you do not have to worry about CRLs.
Well that's true, however currently ICS lacks the CRL-feature. It does neither include local CRLs in the certificate verification process nor follow external CRL-links in certificates. This is a security leak, however not just in ICS. I'm not aware of any Delphi SSL-Component suite that handles CRLs correctly, one should know that if high security matters. -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
