|
From: | Rich Fought |
Subject: | [Help-gnutls] CRLs and gnutls_certificate_set_x509_crl_file |
Date: | Tue, 25 Apr 2006 10:30:46 -0500 |
User-agent: | Thunderbird 1.5.0.2 (Windows/20060308) |
Does the function gnutls_certificate_set_x509_crl_filedo any sort of checking whatsoever on the CRL file? The documentation implies that the CRL should be verified beforehand, but I'm not sure what this means. I know for sure that it does not check dates; does it check the CRL's signature against the loaded root CA cert?
If not, does the API provide a way to extract the loaded CRL from the credentials structure and do the checking? Or is a separate deal?
Regards, Rich
[Prev in Thread] | Current Thread | [Next in Thread] |