Re: About CRL version

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Thank you for the clarification. 

Russ Housley <housley@xxxxxxxxxxxx> 于2023年12月21日周四 02:26写道:
X.509-2019 says:

   The version component shall indicate the version of the encoded revocation list.
   If the extensions component is present in the revocation list, the version shall
   be v2. If the extensions component is not present, the version shall either be
   absent or be present as v2.

This is consistent with the language in RFC 5280 and its predecessors.

My interpretation of the last sentence is that the CRL issuer can omit the version
if there are no extensions, and the replying party will treat it as a v1 CRL.

Russ


On Dec 20, 2023, at 2:35 AM, 朱文杰 <zwj2311625065@xxxxxxxxx> wrote:

Hello, 

After read RFC 5280, I have a question. 

For a CRL, if the version field is omitted, what is its default version? Is it v1? I can't find any information about this in RFC 5280, also in RFC 2459 and 3280?

Please help me solve this confusion.

Sincerely thanks.



[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Mhonarc]     [Fedora Users]

  Powered by Linux