+1 971 231 5523 info@pkisolutions.com

Category: Revocation

Certificate Validation Certutil Documentation Hall of Shame Internet Explorer Offline CA PKI Revocation Watch Out

Ignore Revocation Checking – The bane of my existence!

As students in my PKI training classes know, one of the areas I am a vocal about is the blind use of the CRLF_REVCHECK_IGNORE_OFFLINE setting in a PKI environment. I am so adamantly against the use of this setting, I personally refuse to ever explicitly

Read More
  • April 20, 2017

Certificate Validation Internet Explorer PKI Revocation RFCs Watch Out

What Your Browser Doesn’t Tell You Can Hurt You – Revocation and Internet Explorer

One of the topics I have been using as an example of revocation checking behavior in my PKI In-Depth class is the interesting case of Internet Explorer (IE) and its revocation behavior. Let’s take a moment and have you think about your assumption of how

Read More
  • February 11, 2017

Certificate Transparency PKI Qualified Subordination Revocation Watch Out

Certificate Transparency Enforcement and Microsoft CAs – Oct 2017 Deadline

To address some weaknesses in the public PKI trust process, Certificate Transparency (CT) was created to make it easier to detect and track fraudulent certificate issuance and use. The intent is that a small collection of log servers would contain information about valid certificates and browsers

Read More
  • November 29, 2016

Architecture OCSP PKI Revocation RFCs

Microsoft OCSP Responders – Trust, Renewals and RFC 6960

Online Certificate Status Protocol (OCSP) provides an efficient mechanism for distributing certificate revocation information. When certificates are exchanged and validated, computers need to determine if the certificate has been revoked – meaning the CA has reason to consider the certificate as untrusted. This often placed

Read More
  • August 1, 2016

  © Copyright 2013-2016 PKI Solutions Inc. // All Rights Reserved // Terms of Service // Privacy Policy // Pricing and Refund Policies