[
https://issues.apache.org/jira/browse/HDDS-7385?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
István Fajth updated HDDS-7385:
-------------------------------
Parent: HDDS-7333
Issue Type: Sub-task (was: Improvement)
> Create a CRL endpoint in SCM
> ----------------------------
>
> Key: HDDS-7385
> URL: https://issues.apache.org/jira/browse/HDDS-7385
> Project: Apache Ozone
> Issue Type: Sub-task
> Components: Security
> Reporter: István Fajth
> Assignee: István Fajth
> Priority: Major
> Labels: pki
>
> As discussed in [RFC-5280|https://www.rfc-editor.org/rfc/rfc5280.html],
> certificates can contain a cRLDistributionPoint definition, with which it is
> possible to direct the SSL clients to a web endpoint where the CRL is
> published.
> In order to let all clients be notified the standard way about certificate
> revocation, SCM(s) should publish the actual CRL via their web interface, so
> that revocation checks can happen as discussed in the RFC from every client.
> The aim here to provide the CRL as is based on the available information, the
> correctness and consistency of the information will be ensured by HDDS-7387
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
