[strongSwan-dev] [PATCH 6/8] Handle certificates being on hold in a CRL

Thomas Egerer thomas.egerer at secunet.com
Fri Nov 4 09:25:05 CET 2011

Certificates which are set on hold in a CRL might be removed from any
subsequent CRL. Hence you cannot conclude that a certificate is revoked
for good in this case, you would try to retrieve an update CRL to see if
the certificate on hold is still on it or not.
 .../credentials/certificates/certificate.c         |    1 +
 .../credentials/certificates/certificate.h         |    2 ++
 .../plugins/revocation/revocation_validator.c      |   12 +++++++++++-
 3 files changed, 14 insertions(+), 1 deletions(-)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0006-Handle-certificates-being-on-hold-in-a-CRL.patch
Type: text/x-patch
Size: 2386 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20111104/035bcb99/attachment.bin>

More information about the Dev mailing list