directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jorge Infante Osorio" <jorg...@uci.cu>
Subject RE: Ldap for CRL
Date Mon, 31 Jan 2011 15:14:47 GMT
Hi Alex. 

-----Mensaje original-----
De: akarasulu@gmail.com [mailto:akarasulu@gmail.com] En nombre de Alex
Karasulu
Enviado el: lunes, 31 de enero de 2011 9:25
Para: users@directory.apache.org
Asunto: Re: Ldap for CRL

Hi Jorge,

On Mon, Jan 31, 2011 at 4:12 PM, Jorge Infante Osorio <jorgeio@uci.cu>wrote:

> Hi all.
> I want to know if I can use ApacheDS as a CDP for certificate list 
> management.
>
>
Right now the directory as you know the ideal place to store X509
certificates. This is the only function we provide presently. As a thin
layer a CA can easily sit on top of the directory.

There's probably a schema or draft available to manage revocation lists in
the DIT. Besides this custom (extended) operations can be provided but the
only one we've experimented with is a create certificate function. Other
extension mechanisms are also available, like a specific protocol handler in
the network layer (MINA), that handles the network part of the CDP protocol,
and accesses the DIT to manage certificates.

Can you point me out some other Ldap implementation that offers this
functionalities. ??
We have a CA and we are searching the way of management the revocation
certificate list for the portal users of our system.

Jorge.

HTH,
--
Alex Karasulu
My Blog :: http://www.jroller.com/akarasulu/ Apache Directory Server ::
http://directory.apache.org Apache MINA :: http://mina.apache.org To set up
a meeting with me: http://tungle.me/AlexKarasulu


Mime
View raw message