Re: Is it worth accepting multiple CRLs?

From: Henry B Hotz <hbhotz(at)oxy(dot)edu>
To: Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Is it worth accepting multiple CRLs?
Date: 2020-07-31 12:53:53
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

A CA may issue a CRL infrequently, but issue a delta-CRL frequently. Does the logic support this properly?

Personal email. hbhotz(at)oxy(dot)edu

> On Jul 31, 2020, at 1:39 AM, Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com> wrote:
> Hello.
> PostgreSQL server accepts only one CRL file. It is easy to expand
> be_tls_init to accept a directory set in ssl_crl_file. But I'm not
> sure CRL is actually even utilized in the field so that could ends
> with just bloating the documentation.
> Is it work doing?
> regards.
> --
> Kyotaro Horiguchi
> NTT Open Source Software Center

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Stephen Frost 2020-07-31 13:00:14 Re: Is it worth accepting multiple CRLs?
Previous Message Ashutosh Sharma 2020-07-31 12:52:23 Re: recovering from "found xmin ... from before relfrozenxid ..."