httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erwann ABALEA <>
Subject Proposed patch for mod_ssl
Date Wed, 20 Feb 2008 10:53:29 GMT

Here's a patch for mod_ssl to handle CRL verification in some
 - when a CA has a 2 keys+certs, one to sign certificates, one to sign
 - when a CA renews and changes its keys; from X.509 standard, the new
   key is used to sign the CRL, the old one doesn't sign anything, and
   this CRL covers *all* the certificates (even the one signed by the
   old key)

Discussion and comments are welcomed.

Erwann ABALEA <>

View raw message