Henri writes:
Hello,With the last version of Courier-imap I successfully configured user certificate authentication. It works well with the SASL external method. However, certificate authentication is valuable only if there is a CRL check to detect revoked certificate. It doesn't seem that this feature is yet implemented in Courier-imap. Has someone an idea in order to set up this CRL check? by adding an external software?
I do not know of any external library for this. The only support that exists for CRL checking in GnuTLS (and probably OpenSSL), is to check a given cert against a given CRL. There is no support in either GnuTLS (or probably OpenSSL) to automatically download CRLs.
You need an entire infrastructure for this, to download and cache CRLs.
pgpTTIuTWSePP.pgp
Description: PGP signature
------------------------------------------------------------------------------ SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada. The future of the web can't happen without you. Join us at MIX09 to help pave the way to the Next Web now. Learn more and register at http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
_______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
