[geeks] Fwd: Repositories of CRLs?
Alois Hammer
aloishammer at casearmour.net
Thu May 29 14:50:44 CDT 2008
I'm forwarding this post of mine along in hopes that someone on the
geeks list will know more about certificate revocation and/or have more
time to help me out...
On Wed, 28 May 2008 19:55:36 -0400, "CaseArmour.net Security
Administrator" <security at casearmour.net> said:
> With the Debian OpenSSL fallout and my distrust of CAs in general, this
> seems like a great time to stuff Firefox full of CRLs. I found this
> page -- http://www.geekwisdom.com/dyn/node/189 -- listing a few major
> CRL sources, but that seems like it leaves out a bucket of the CAs that
> Firefox comes equipped with by default. If anyone knows of a good place
> to go to get CRLs, or has URLs for a few more of the major or semi-major
> CAs, I'd be grateful. Considering how little-used or badly-configured
> OCSP commonly seems to be, I'm putting more stock in having CRLs
> installed in Firefox than I am setting security.OCSP.enabled to 1.
More information about the geeks
mailing list