Hi there,
A question about certificates:
In the rfc 2459 definition of the crl format
5.1 CRL Fields (page 42)
TBSCertList ::= SEQUENCE {
.
.
.
revokedCertificate SEQUENCE OF SEQUENCE
{
userCertificate CertificateSerialNumber,
revocationDate Time,
crlEntryExtensions Extensions OPTIONAL
} OPTIONAL,
crlExtensions [0] EXPLICIT Extensions OPTIONAL
}
My doubt is that the OPTIONAL extensions (crlEntry and crlExtensions)
doen't seem to be used. I have tested CRLs from VeriSign, GlobalSign and
Thawte but none uses the OPTIONAL fields just.
I know that the version number for the CRL changes from 1 to 2 when
these fields are present but I cannot find one CRL as an example
Could someone please help me with this? I am developing a PKI tool and
would like to be able to treat these extensions.
Thanks in advance,
Mads Rasmussen
Open Communication Security
_______________________________________________
Openca-Users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-users
