Re: [Exim] Certificate revocation?

Top Page
Delete this message
Reply to this message
Author: John Dalbec
Date:  
To: exim-users
Subject: Re: [Exim] Certificate revocation?
I was thinking of something like tls_crl=... but in fact it's useless in my case
since I needed to revoke a self-signed certificate. I would need to revoke the
certificate before setting up the CRL (certificate revocation list), but then I
wouldn't be able to sign the CRL since the certificate would be revoked.
SSL: Catch-22's all over the place!
John

Philip Hazel wrote:
>
> On Fri, 25 Jan 2002, John Dalbec wrote:
>
> > If I generate a new certificate and I need to revoke the old certificate, is
> > there a way I can tell exim to notify other hosts (end users running
> > Netscape/Outlook) of the revocation?
>
> No. Exim talks SMTP. As far as I know, there's nothing in SMTP, which is
> a protocol for transporting messages, for telling other hosts about
> status of certificates.
>
> This means I don't have to understand exactly what you are trying to
> achieve (and I'm afraid I don't :-)
>
> --
> Philip Hazel            University of Cambridge Computing Service,
> ph10@???      Cambridge, England. Phone: +44 1223 334714.