[Date Prev][Date Next] [Chronological] [Thread] [Top]

Doubt regarding the cert that signs the CRL

Hi all,
I have a doubt regarding the certificate that signs the CRL.

Should the certificate that signs the CRL be the same cert that signs the end-entity's certificates?
or Can any other certificate(ie., authorised to do so) can sign the CRL?

Since we do not know from where we are getting the data for an Ldap request, some imposter may be sending false data with the same issuer name.

ie., How can we verify the Ldap response?

Awaiting your valuable responses.