Re: Deleted client certificate trust expectations

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

What you observe is indeed reality; we ran into it too.  (Though we ran into it in the context of a long-running client verifying server certificates.)

My assumption is that it's for performance, and that's sensible, but it would sure be nice to figure out how to detect those changes.  If a stat() on each verification is considered too expensive, maybe there could be a timeout, that if the file hasn't been checked in the last ten minutes then check it.

-- 
Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux