Jean-Marc Desperrier wrote:
I rather agree about that problem description, I just don't understand why Ram declares that OCSP solves it. I tend to believe it can help in some situations, but make it worse in other, in fact make it worse for
In any case MS is turning OCSP on by default in their next version of windows, one of the problems with OCSP is the fact that if you can't verify a certificate it's assumed to be revoked, and while MS is planning to create some form of OCSP caching, I'm waiting to see how well it will work on a plane, or any other place where you have no connectivity...
--
Best regards, Duane
http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers
"I do not try to dance better than anyone else.
I only try to dance better than myself."
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
