[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Periodic certificate validation check

To: "Amey Gokhale" <agokhale@postmaster.co.uk>
Subject: Re: Periodic certificate validation check
From: Bill Sommerfeld <sommerfeld@east.sun.com>
Date: Mon, 23 Sep 2002 10:57:37 -0400
cc: ipsec@lists.tislabs.com
In-Reply-To: Your message of "Mon, 23 Sep 2002 12:51:52 BST."
Reply-to: sommerfeld@east.sun.com
Sender: owner-ipsec@lists.tislabs.com

> If the certificate gets revoked after the connection is established,
> does the implementation ... check periodically for the validity of
> the certificate in between a running connection? 

Not that I've seen.

In many cases you can get the revocation behavior you seem to want by
using a relatively short lifetime on your IKE SA, forcing the cert to
be re-validated on a regular basis.

					- Bill

Prev by Date: Re: Diffie Hellman implementation
Next by Date: Re: Periodic certificate validation check
Prev by thread: Re: Periodic certificate validation check
Next by thread: RE: Periodic certificate validation check
Index(es):
- Date
- Thread