EAP-TLS - CRL Checking - Expired?
Benjamin Bennett
ben at psc.edu
Tue Nov 7 03:36:02 CET 2006
Stephen Bowman wrote:
> What determines the expire time of a CRL?
>
> I noticed that within the CRL there is a Next Update field.. is this
> what it uses?
yes. You will probably want to make sure that you generate and
distribute new CRLs on a schedule that leaves you with enough time to
detect/correct failures before hitting the previous CRL's NextUpdate.
--ben
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20061106/a7818a3f/attachment.pgp>
More information about the Freeradius-Users
mailing list