directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <akaras...@apache.org>
Subject Re: Ldap for CRL
Date Mon, 31 Jan 2011 14:24:38 GMT
Hi Jorge,

On Mon, Jan 31, 2011 at 4:12 PM, Jorge Infante Osorio <jorgeio@uci.cu>wrote:

> Hi all.
> I want to know if I can use ApacheDS as a CDP for certificate list
> management.
>
>
Right now the directory as you know the ideal place to store X509
certificates. This is the only function we provide presently. As a thin
layer a CA can easily sit on top of the directory.

There's probably a schema or draft available to manage revocation lists in
the DIT. Besides this custom (extended) operations can be provided but the
only one we've experimented with is a create certificate function. Other
extension mechanisms are also available, like a specific protocol handler in
the network layer (MINA), that handles the network part of the CDP protocol,
and accesses the DIT to manage certificates.

HTH,
-- 
Alex Karasulu
My Blog :: http://www.jroller.com/akarasulu/
Apache Directory Server :: http://directory.apache.org
Apache MINA :: http://mina.apache.org
To set up a meeting with me: http://tungle.me/AlexKarasulu

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message