"Rainer Gerhards" <[EMAIL PROTECTED]> writes: >> Thanks! Let us know if there is anything we could improve to help >> explain something that you get stuck on. It is easy to go blind in a >> project, so input from new users are very valuable. > > There is one thing, if I may hijack this thread. The CRL files. I know > what certificate revocation is for, but I do not fully understand how > the CRL functions are used. Most importantly, do I need to create that > file and, if so, how? I know that's all pretty basic and I appreciate > your help on those boring questions ;).
Good questions. I think people are generally better off forgetting about CRLs. If you are designing something new, use an online checking protocol like OCSP instead of CRLs. If you are stuck with a system that uses CRLs, you naturally has to use it. As far as I could see, there wasn't any documentation on how to generate/verify CRLs in the manual, I've fixed this: http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=3acf331ee7f3dc310a18b2b9b476a0d851e2bb32 We could probably discuss CRLs more in the manual, but I can't seem to find a good place to do it or can think of anything concrete to say. Thanks, /Simon _______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
