You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by st...@lycos.co.uk on 2005/08/08 15:35:50 UTC

CRL validation and OpenSSL

It appears that Apache does not use the built-in mechanism from OpenSSL for CRL validation, but it implements its own one (I guess because the one from OpenSSL was not complete enough some time ago ?).
It also seems that OpenSSL CRL validation is now much more complete (IDP, delta CRL, etc.).
Isn't it time to switch to OpenSSL one ?
It should be a kind of simplification in the code, no ?