|
Posted by Tim C on May 22, 2008, 2:13 pm
Please log in for more thread options Brian,
Stupid question. What is CPS?
Thanks,
Tim C
"Brian Komar (MVP)" wrote:
> But what does your CPS state regarding CRL publication intervals.
> Technically, it will work.
> Policy wise, not a chance.
> Brian
>
> > But what if I change the CRL publication interval to 2 years? Then the
> > next
> > published CRL will not expire until 2010. Would that then allow me to
> > take
> > down my CA and rely on the root certificate and CRL published in Active
> > Directory to keep my current certificates working properly?
> >
> > (All of these certificates are used by web servers in temporary testing
> > and
> > development environments, and only exist to replicate conditions in our
> > production environment. Revocation isn't an issue. I'm just hoping to
> > avoid
> > recreating 200 of them.)
> >
> > Thanks,
> > Tim C
> >
> > "bdo" wrote:
> >
> >>
> >> From what I know, you will at the very least have problems with all of
> >> the old certificates becoming invalid when Server1A ceases to issue
> >> updated CRL's and it's most recent CRL expires. I am not sure if there
> >> is some way to transfer the private key over to the new server, given
> >> the change in server name.
> >>
> >>
> >> --
> >> bdo
> >> ------------------------------------------------------------------------
| 
XML Sitemap