directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alex Karasulu <>
Subject Re: Ldap for CRL
Date Mon, 31 Jan 2011 14:24:38 GMT
Hi Jorge,

On Mon, Jan 31, 2011 at 4:12 PM, Jorge Infante Osorio <>wrote:

> Hi all.
> I want to know if I can use ApacheDS as a CDP for certificate list
> management.
Right now the directory as you know the ideal place to store X509
certificates. This is the only function we provide presently. As a thin
layer a CA can easily sit on top of the directory.

There's probably a schema or draft available to manage revocation lists in
the DIT. Besides this custom (extended) operations can be provided but the
only one we've experimented with is a create certificate function. Other
extension mechanisms are also available, like a specific protocol handler in
the network layer (MINA), that handles the network part of the CDP protocol,
and accesses the DIT to manage certificates.

Alex Karasulu
My Blog ::
Apache Directory Server ::
Apache MINA ::
To set up a meeting with me:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message