Is it posible to avoid the storage of a credential for revoked certificates?
I found something interesting in myproxy-server.config comments, like the ocsp protocol used to check the validity of credentials stored in the myproxy-server repository before they may be delegated to an user. But in this case do I have to enable an OCSP server with a crl distribution site in order to achieve my task? I haven't found how to make myproxy automatically "discover" the revoked certificates from the crl certificate in /etc/grid-security/certificates, so that stop making proxy certificates to revoked certificates. I created a certificate and key pair with a CA of my own. I test the myproxy-init and myproxy-logon: all ok. I follow revoking this certificate, download the ca new crl and rewrite the /etc/grid-security/certificates/<hash>.r0 file, but I was yet able to store the credentials of the revoke certificate.
