[Bro] Information on OCSP and CRL
vladg at illinois.edu
Thu Feb 9 11:37:44 PST 2017
There's an optional script for OCSP validation:
> @load protocols/ssl/validate-ocsp
Tony Waller <twaller at bivio.net> writes:
> I am looking for additional information on utilizing OCSP and CRL in Bro NSM. I would like to know if certificates from clients can be checked in real-time or near real-time against a CRL? Also, can Bro NSM perform a OCSP request to a RA and check a certificate to determine if it is valid? If this is the case where in Bro NSM do you set the address for the RA or CRL responder?
> Tony Waller, CISSP
> Director, Systems Engineering
> Bivio Networks, Inc.
> “Powering Advanced Cyber Operations” (TM)
> Mobile (443) 994-0936
> [cid:image001.png at 01D27E32.049899E0]
> *Note: The information contained in this email confidential. This information is intended only for the individual, individuals or entity to whom it is addressed. If you are not the intended recipient(s), the employee or agent responsible for delivering it to the intended recipient(s), you are hereby notified that any use, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this email in error, please return the original message to us by email and delete or destroy any copies. Please note any views or opinions expressed or presented in this email are solely those of the author and do not necessarily represent those of Bivio Networks, Inc. The recipient should check this email or any attachments for the presence of viruses or malware. Bivio Networks, Inc. accepts no responsibility for any damage caused by any virus or malware transmitted by this email. Thank you.
> Think Green when printing
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 800 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170209/418d68fa/attachment-0001.bin
More information about the Bro