At 06:40 PM 7/2/2003 +0200, Markus Stumpf wrote:
> On Wed, Jul 02, 2003 at 09:38:22AM +0100, Danny Angus wrote:
> > What does work are the mechanisms which exist for propagating and
> > revoking trust, that you don't trust anyone is a completely different
> > issue.
>
> Ok, what are the "mechanisms which exist for propagating and revoking trust"?
> Newspapers? I don't know of any technically oriented ones. Or more
> specifically: What do I have to do so that my browser can check whether
> a SSL cert for a website has been revoked?

See RFC 2459, sections 5 and 3.3 and RFC 2560
In Internet Explorer options screen (IE6), under "Advanced", "Security",
the first two options listed are:
"Check for publisher's certificate revocation"
"Check for server certificate revocation"
Netscape 7 and Mozilla include an option under "Security", "Validation"
to use the Online Certificate Status Protocol (OCSP) to verify
certificates. This protocol is defined in RFC 2560.
Funny enough Opera 7 has none of these options but IE does. Weird.
Yakov
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
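
An added example, not part of the original message: a minimal sketch of the unsigned OCSPRequest (RFC 2560, section 4.1) that a client with the OCSP option enabled would send to a responder for one certificate. The issuer name, issuer key bytes and serial number are constructed sample values, and the helper names are this example's own.

```python
import hashlib

def der_len(n):
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, content):
    """One DER tag-length-value element."""
    return bytes([tag]) + der_len(len(content)) + content

def der_integer(value):
    """Non-negative INTEGER; a leading 0x00 keeps the sign bit clear."""
    return tlv(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

# AlgorithmIdentifier for SHA-1: SEQUENCE { OID 1.3.14.3.2.26, NULL }
SHA1_ALG_ID = bytes.fromhex("300906052b0e03021a0500")

def cert_id(issuer_name_der, issuer_key_bits, serial):
    """CertID: names the certificate by issuer name hash, issuer key hash, serial."""
    return tlv(0x30, SHA1_ALG_ID
               + tlv(0x04, hashlib.sha1(issuer_name_der).digest())
               + tlv(0x04, hashlib.sha1(issuer_key_bits).digest())
               + der_integer(serial))

def ocsp_request(issuer_name_der, issuer_key_bits, serial):
    """OCSPRequest with one Request, default version, no extensions, no signature."""
    request = tlv(0x30, cert_id(issuer_name_der, issuer_key_bits, serial))
    request_list = tlv(0x30, request)   # requestList: SEQUENCE OF Request
    tbs_request = tlv(0x30, request_list)
    return tlv(0x30, tbs_request)

# Constructed sample input: issuer Name "CN=Example Test CA" in DER, and
# stand-in bytes for the issuer's subjectPublicKey BIT STRING contents.
SAMPLE_NAME = tlv(0x30, tlv(0x31, tlv(0x30,
    bytes.fromhex("0603550403") + tlv(0x13, b"Example Test CA"))))
SAMPLE_KEY = bytes(range(64))
SAMPLE_SERIAL = 0x1234

if __name__ == "__main__":
    req = ocsp_request(SAMPLE_NAME, SAMPLE_KEY, SAMPLE_SERIAL)
    # Sent by HTTP POST with Content-Type: application/ocsp-request
    print(len(req), req.hex())
```

The request identifies the certificate only by hashes of its issuer and its serial number; the responder's signed reply then reports the status as good, revoked or unknown.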