EldoS | Feel safer!

Software components for data protection, secure storage and transfer

CRL cache

Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
#19895
Posted: 04/21/2012 01:24:33
by ingbabic  (Standard support level)
Joined: 09/27/2011
Posts: 114

Thank you very much.

I make following conclussion. Certificate validator tries to read location of CRL from certificate. It uses the one whichever it finds first. If that location is not available, it tries to find another and use that location. Once CRL is retrieved it is kept in local intenal cache in memory (global object) and stays there until object is disposed, or CRL is expired whichever occurs first. Any subseqent request for CRL is using CRL from cache and does not download it again.
#19896
Posted: 04/21/2012 09:20:02
by Eugene Mayevski (EldoS Corp.)

Yes, this is correct, with one addition: the CRL in the cache is identified by URL, so if you have HTTP and LDAP URLs that provide the same CRL, for CRL cache these are different CRLs.


Sincerely yours
Eugene Mayevski

Reply

Statistics

Topic viewed 2530 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!