IPA Listmail wrote: > On Mon, Aug 16, 2021 at 11:33 AM Rob Crittenden <[email protected] > <mailto:[email protected]>> wrote: > > I don't know why resetting the crl number would affect the set of > revoked certificates. > > > Sorry, that was unclear. I meant that whatever means of shrinking, even > the nuclear option of completely wiping the CRL and starting with a new > empty CRL would be workable, though obviously not optimal. I would > assume that such a drastic reset would likewise reset the CRL number and > I was trying to say that would be okay for my purposes.
Adding list back. I'm not sure that resetting the number would have the effect you suggest as there would still be revoked certificates within their validity period. It also likely breaks an RFC by using duplicate CRL numbers. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
