Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
page_revoke(3)		      Heimdalx509library		page_revoke(3)

       page_revokeRevocation methods
	- There	are two	revocation method for PKIX/X.509: CRL and OCSP.
       Revocation is needed if the private key is lost and stolen. Depending
       on how picky you	are, you might want to make revocation for destroyed
       private keys too	(smartcard broken), but	that should not	be a problem.

       CRL is a	list of	certifiates that have expired.

       OCSP is an online checking method where the requestor sends a list of
       certificates to the OCSP	server to return a signed reply	if they	are
       valid or	not. Some services sends a OCSP	reply as part of the hand-
       shake to	make the revoktion decision simpler/faster for the client.

Version	7.7.0			Fri Jun	7 2019			page_revoke(3)


Want to link to this manual page? Use this URL:

home | help