Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 73027 invoked from network); 25 Oct 2007 18:26:34 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 25 Oct 2007 18:26:34 -0000 Received: (qmail 54592 invoked by uid 500); 25 Oct 2007 18:26:10 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 54574 invoked by uid 500); 25 Oct 2007 18:26:10 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 54563 invoked by uid 99); 25 Oct 2007 18:26:10 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 25 Oct 2007 11:26:10 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of egolatra@gmail.com designates 209.85.198.184 as permitted sender) Received: from [209.85.198.184] (HELO rv-out-0910.google.com) (209.85.198.184) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 25 Oct 2007 20:26:57 +0000 Received: by rv-out-0910.google.com with SMTP id l15so478493rvb for ; Thu, 25 Oct 2007 11:25:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; bh=GZAFdXd2f53HqxYeYuPDU1SmFuKmT8FudohLfS9KmQw=; b=OpS+UVhJ3J4elLQ9McCFXiF10RLlAdfhtG7Nbnq+riiiMkCkq0oBuAIl/shJzhjooHO7V1N0SOm7AJlVVBkYt+nWsCzN8QxfvvprC8vIOGBaING3DqvI6KfWWqb8APNob0WzAzX0QZglUEPNe0G/lE5FQhAL/2EWP7eIzkUu/vA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=AvUyyyTCbnQoNiBsj4lYUk+Syt7RzhQMX+1ANJUi5ndhIsYrJYVB2icUc9RyEWdbXn7LRRZHKL8v7ZwKEPZbMsi0aF6dEhATM8Pr2JvbXOo6abCEubOiZUxKVjUCInQrkPNqSX5eXOptK5+iKpEetW/QrKbz+zNjhSIsR/bS6LI= Received: by 10.140.144.4 with SMTP id r4mr1086553rvd.1193336750434; Thu, 25 Oct 2007 11:25:50 -0700 (PDT) Received: by 10.140.177.12 with HTTP; Thu, 25 Oct 2007 11:25:50 -0700 (PDT) Message-ID: Date: Thu, 25 Oct 2007 20:25:50 +0200 From: David To: users@tomcat.apache.org Subject: Validation of certificates through OCSP MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_910_3329155.1193336750382" X-Virus-Checked: Checked by ClamAV on apache.org ------=_Part_910_3329155.1193336750382 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Hello, There was some traffic regarding OCSP and the possibility to implement it (there's even a thread dealing with JDK-native support ) Is anything done in this respect? Otherwise , I don't know what are the options I can follow. I found the package "jGuard" which apparently provices OCSP validation ... any feedback about this? I also found a servlet filter in the list which provides for this functionality but I wonder if it's the best way to go about it. The author of the filter states that he couldn't make it work as a real but since jGuard probably works at the Realm level I think he could be wrong assuming it is impossible to do that. Anyone has dealt with this before? Any hints? Thanks a lot, Juan Sierra ------=_Part_910_3329155.1193336750382--