Hi Sebastian, If you do not hear from me by the end of the week, please send me an email, I might have forgotten to send you the software.
For the revocation status checking.. I have to say that, because of the difficulties to find timely revocation information, many applications just allow bad responses (or no responses) from OCSP/CRLs repository. So, I would say, the situation is definitely worse than you picture. The situation is better if you are not dealing with Internet-scale infrastructures (eg., company pkis or organization-specific applications). I am working at an idea that should allow for better interoperability among PKIs in the Internet. The idea is based on deploying an internet service for public key systems. Talking with people at IETF, there is consensus on the project.. Unfortunately I have not found the funding to work on it, yet. As I am used to say, we use PKIs as if we would try to surf the web without an internet-wide DNS. It may work for small, closed environments.. but it would not work in an open environment... I think we shall really work on the "Public Key System" as the time is right - we rely on PKIs more and more.. and we start deploying PK-based services like DNSSEC without the appropriate support.. .. but we need research funding to go on on the project... do you know anybody with plenty of money to spare for the sake of us all ??? :D Cheers, Max On 04/11/2010 01:43 PM, Basscontrol wrote:
Hi Max, I'd be happy to test the new version in my environment. Hopefully, it works well - then I can continue using OCSP and you can release the code to the public. BTW.: Are there really so few people using OCSP for checking revocation status? And if so - does the whole world still rely on CRLs or even worse?
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev
_______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
