Quick Links

Re: Is it worth accepting multiple CRLs?

From:	Henry B Hotz <hbhotz(at)oxy(dot)edu>
To:	Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com>
Cc:	pgsql-hackers(at)postgresql(dot)org
Subject:	Re: Is it worth accepting multiple CRLs?
Date:	2020-07-31 12:53:53
Message-ID:	878E8D30-0D11-4511-B8DA-348CA5E4E0E0@oxy.edu
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

A CA may issue a CRL infrequently, but issue a delta-CRL frequently. Does the logic support this properly?

Personal email. hbhotz(at)oxy(dot)edu

> On Jul 31, 2020, at 1:39 AM, Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com> wrote:
>
> Hello.
>
> PostgreSQL server accepts only one CRL file. It is easy to expand
> be_tls_init to accept a directory set in ssl_crl_file. But I'm not
> sure CRL is actually even utilized in the field so that could ends
> with just bloating the documentation.
>
> Is it work doing?
>
> regards.
>
> --
> Kyotaro Horiguchi
> NTT Open Source Software Center
>
>

In response to

Is it worth accepting multiple CRLs? at 2020-07-31 08:39:11 from Kyotaro Horiguchi

Responses

Re: Is it worth accepting multiple CRLs? at 2020-08-03 07:19:37 from Kyotaro Horiguchi

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Stephen Frost	2020-07-31 13:00:14	Re: Is it worth accepting multiple CRLs?
Previous Message	Ashutosh Sharma	2020-07-31 12:52:23	Re: recovering from "found xmin ... from before relfrozenxid ..."