<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<html lang="en">
<head>
<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">
<title>
GitLab
</title>


<style>img {
max-width: 100%; height: auto;
}
</style>
</head>
<body>
<div class="content">

<p style="color: #777777;">
<a href="https://gitlab.com/nmav">Nikos Mavrogiannopoulos</a>
commented:
</p>
<div style="">
<p dir="auto">Hi,
Verifying the CRL is optional in gnutls. I remember that my original view on that was that you download the CRL verify it, and then use it as stored locally. There is no need to verify it, each and every time. You can verify a CRL once using <code>certtool --verify-crl</code>, and then keep using it.  There is a specific flag for applications <code>GNUTLS_CERTIFICATE_VERIFY_CRLS</code> which they can set to verify the CRL explicitly. Does this answer your concern?</p>
</div>


</div>
<div class="footer" style="margin-top: 10px;">
<p style="font-size: small; color: #777;">
—
<br>
Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/issues/861#note_249442494">view it on GitLab</a>.
<br>
You're receiving this email because of your account on gitlab.com.
If you'd like to receive fewer emails, you can
<a href="https://gitlab.com/sent_notifications/1d7f61ad26e0eca8c8ff0c2cf8c58613/unsubscribe">unsubscribe</a>
from this thread or
adjust your notification settings.
<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Issue","url":"https://gitlab.com/gnutls/gnutls/issues/861#note_249442494"}}</script>


</p>
</div>
</body>
</html>