However, we should also make sure that malicious injection of an empty/invalid CRL file does not completely eliminate CRL checking for all time
This is a file periodically generated by XRootD in the admin directory. I figure if the attacker owns the admin directory, then it's already game over.
It's also an aggregate of all CRLs available - if the attacker controls all your CRLs, then it's probably also game over.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1