mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-27 19:09:47 +00:00
Moving Validating Settings help to XHTML. Patch by Stefan <stefan_h@hem.utfors.se> r=rlk@trfenv.com
This commit is contained in:
parent
5d7c68868a
commit
77f8ca703f
@ -85,7 +85,7 @@
|
||||
<li><strong>Status Responder Certificate:</strong> Certificate used to identify
|
||||
an online status responder that uses the Online Certificate Status Protocol
|
||||
(OCSP) to check the validity of certificates. For more information about
|
||||
OCSP, see <a href="validation_help.html">Validation Settings</a>.</li>
|
||||
OCSP, see <a href="validation_help.xhtml">Validation Settings</a>.</li>
|
||||
<li><strong>SSL Certificate Authority:</strong> Certificate used to identify
|
||||
a certificate authority—that is, a service that issues certificates for
|
||||
use as identification over computer networks.</li>
|
||||
|
@ -489,12 +489,12 @@
|
||||
<rdf:li>
|
||||
<rdf:Description ID="CRLs:auto_upates_for"
|
||||
nc:name="CRL auto update"
|
||||
nc:link="validation_help.html#CRLs:auto_upates_forIDX"/>
|
||||
nc:link="validation_help.xhtml#automatic_crl_update_preferences"/>
|
||||
</rdf:li>
|
||||
<rdf:li>
|
||||
<rdf:Description ID="CRLs:managing"
|
||||
nc:name="managing CRLs"
|
||||
nc:link="validation_help.html#CRLs:managingIDX"/>
|
||||
nc:link="validation_help.xhtml#manage_crls"/>
|
||||
</rdf:li>
|
||||
<rdf:li>
|
||||
<rdf:Description ID="CRLs:Next_Update_date"
|
||||
@ -504,7 +504,7 @@
|
||||
<rdf:li>
|
||||
<rdf:Description ID="CRLs:preferences"
|
||||
nc:name="CRL preferences"
|
||||
nc:link="validation_help.html#CRLs:preferencesIDX"/>
|
||||
nc:link="validation_help.xhtml#privacy_and_security_preferences_validation"/>
|
||||
</rdf:li></rdf:Seq>
|
||||
</nc:subheadings>
|
||||
</rdf:Description>
|
||||
@ -1674,7 +1674,7 @@
|
||||
<rdf:li>
|
||||
<rdf:Description ID="preferences:validation"
|
||||
nc:name="validation preferences"
|
||||
nc:link="validation_help.html#preferences:validationIDX"/>
|
||||
nc:link="validation_help.xhtml#privacy_and_security_preferences_validation"/>
|
||||
</rdf:li></rdf:Seq>
|
||||
</nc:subheadings>
|
||||
</rdf:Description>
|
||||
@ -2005,7 +2005,7 @@
|
||||
<rdf:li>
|
||||
<rdf:Description ID="settings:validation"
|
||||
nc:name="validation settings"
|
||||
nc:link="validation_help.html#settings:validationIDX"/>
|
||||
nc:link="validation_help.xhtml#validation_settings"/>
|
||||
</rdf:li></rdf:Seq>
|
||||
</nc:subheadings>
|
||||
</rdf:Description>
|
||||
@ -2194,27 +2194,27 @@
|
||||
<rdf:li>
|
||||
<rdf:Description ID="validation:auto_updating_CRLs"
|
||||
nc:name="auto updating CRLs"
|
||||
nc:link="validation_help.html#validation:auto_updating_CRLsIDX"/>
|
||||
nc:link="validation_help.xhtml#automatic_crl_update_preferences"/>
|
||||
</rdf:li>
|
||||
<rdf:li>
|
||||
<rdf:Description ID="validation:CRLs"
|
||||
nc:name="CRLs"
|
||||
nc:link="validation_help.html#validation:CRLsIDX"/>
|
||||
nc:link="validation_help.xhtml#privacy_and_security_preferences_validation"/>
|
||||
</rdf:li>
|
||||
<rdf:li>
|
||||
<rdf:Description ID="validation:managing_CRLs"
|
||||
nc:name="managing CRLs"
|
||||
nc:link="validation_help.html#validation:managing_CRLsIDX"/>
|
||||
nc:link="validation_help.xhtml#manage_crls"/>
|
||||
</rdf:li>
|
||||
<rdf:li>
|
||||
<rdf:Description ID="validation:OCSP"
|
||||
nc:name="OCSP"
|
||||
nc:link="validation_help.html#validation:OCSPIDX"/>
|
||||
nc:link="validation_help.xhtml#privacy_and_security_preferences_validation"/>
|
||||
</rdf:li>
|
||||
<rdf:li>
|
||||
<rdf:Description ID="validation:settings"
|
||||
nc:name="validation settings"
|
||||
nc:link="validation_help.html#validation:settingsIDX"/>
|
||||
nc:link="validation_help.xhtml#validation_settings"/>
|
||||
</rdf:li></rdf:Seq>
|
||||
</nc:subheadings>
|
||||
</rdf:Description>
|
||||
|
@ -408,11 +408,12 @@
|
||||
message is digitally signed and if so, whether the signature is valid.</li>
|
||||
|
||||
<p>If validation failed while OCSP was enabled, check the OCSP settings in
|
||||
<a href="validation_help.html#validation_first">Privacy & Security
|
||||
Preferences - Validation</a>. If you are not familiar with OCSP, confirm the
|
||||
settings with your system administrator. If your settings are correct, there
|
||||
may be a problem with the OCSP service or the certificate used to create the
|
||||
signature is no longer valid.</p>
|
||||
<a href=
|
||||
"validation_help.xhtml#privacy_and_security_preferences_validation">Privacy
|
||||
& Security Preferences - Validation</a>. If you are not familiar with
|
||||
OCSP, confirm the settings with your system administrator. If your settings
|
||||
are correct, there may be a problem with the OCSP service or the certificate
|
||||
used to create the signature is no longer valid.</p>
|
||||
|
||||
<p>If the signature is invalid because of a problem with a certificate's trust
|
||||
settings, you can use the <a href="certs_help.xhtml">Certificate Manager</a>
|
||||
|
@ -38,7 +38,7 @@
|
||||
<li><a href="passwords_help.html#Master_Password_Timeout">Master Passwords</a></li>
|
||||
<li><a href="ssl_help.xhtml">SSL</a></li>
|
||||
<li><a href="certs_prefs_help.xhtml">Certificates</a></li>
|
||||
<li><a href="validation_help.html">Validation</a></li>
|
||||
<li><a href="validation_help.xhtml">Validation</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
|
@ -1014,7 +1014,7 @@
|
||||
<rdf:li><rdf:Description ID="using-help-certs-validation-how" nc:name="How Validation Works" nc:link="chrome://help/locale/using_certs_help.html#How_Certificate_Validation_Works"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="using-help-certs-validation-crls" nc:name="Managing CRLs" nc:link="chrome://help/locale/using_certs_help.html#Managing_CRLs"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="using-help-certs-validation-ocsp" nc:name="Configuring OCSP" nc:link="chrome://help/locale/using_certs_help.html#Configuring_Certificate_Manager_for_OCSP"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="validation_prefs" nc:name="Validation Settings" nc:link="chrome://help/locale/validation_help.html"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="validation_prefs" nc:name="Validation Settings" nc:link="chrome://help/locale/validation_help.xhtml"/> </rdf:li>
|
||||
</rdf:Seq>
|
||||
</nc:subheadings>
|
||||
</rdf:Description>
|
||||
@ -1032,10 +1032,10 @@
|
||||
<rdf:Description about="#validation_prefs">
|
||||
<nc:subheadings>
|
||||
<rdf:Seq>
|
||||
<rdf:li><rdf:Description ID="validation-prefs" nc:name="Validation Preferences" nc:link="chrome://help/locale/validation_help.html#validation_first"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="validation-crl-manage" nc:name="Manage CRLs" nc:link="chrome://help/locale/validation_help.html#manage_CRLs_dialog"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="validation-crl-import" nc:name="CRL Import Status" nc:link="chrome://help/locale/validation_help.html#crl_import_status"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="validation-crl-auto-update-prefs" nc:name="Automatic CRL Update Preferences" nc:link="chrome://help/locale/validation_help.html#auto_crl_update_prefs"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="validation-prefs" nc:name="Validation Preferences" nc:link="chrome://help/locale/validation_help.xhtml#privacy_and_security_preferences_validation"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="validation-crl-manage" nc:name="Manage CRLs" nc:link="chrome://help/locale/validation_help.xhtml#manage_crls"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="validation-crl-import" nc:name="CRL Import Status" nc:link="chrome://help/locale/validation_help.xhtml#crl_import_status"/> </rdf:li>
|
||||
<rdf:li><rdf:Description ID="validation-crl-auto-update-prefs" nc:name="Automatic CRL Update Preferences" nc:link="chrome://help/locale/validation_help.xhtml#automatic_crl_update_preferences"/> </rdf:li>
|
||||
</rdf:Seq>
|
||||
</nc:subheadings>
|
||||
</rdf:Description>
|
||||
|
@ -404,7 +404,7 @@
|
||||
<p><a href="#How_Certificate_Validation_Works">How Validation Works</a></p>
|
||||
<p><a href="#Managing_CRLs">Managing CRLs</a></p>
|
||||
<p><a href="#Configuring_Certificate_Manager_for_OCSP">Configuring OCSP</a></p>
|
||||
<p><a href="#validation_help.html">Validation Settings</a></p>
|
||||
<p><a href="#validation_help.xhtml">Validation Settings</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
@ -425,7 +425,7 @@
|
||||
|
||||
<p>One way to combat this threat is for Certificate Manager to check a certificate revocation list (CRL) as part of the verification process (see <a href="#Managing_CRLs">Managing CRLs</a>, below). Typically, you download a CRL to your browser by clicking a link. If a CRL is present, Certificate Manager checks any certificate issued by the same CA against the list as part of the verification process.
|
||||
|
||||
<p>The reliability of CRLs depends on the frequency with which they are both updated by a server and checked by a client. You can configure your <a href="validation_help.html#auto_crl_update_prefs">Automatic CRL Update Preferences</a> so that a CRL will be updated automatically at regular intervals with the version currently on the server.
|
||||
<p>The reliability of CRLs depends on the frequency with which they are both updated by a server and checked by a client. You can configure your <a href="validation_help.xhtml#automatic_crl_update_preferences">Automatic CRL Update Preferences</a> so that a CRL will be updated automatically at regular intervals with the version currently on the server.
|
||||
|
||||
<p>Another way to combat the threat of compromised certificates is to use a special server that supports the Online Certificate Status Protocol (OCSP). Such a server can answer client queries about individual certificates (see <a href="#Configuring_Certificate_Manager_for_OCSP">Configuring OCSP</a>, below).
|
||||
|
||||
@ -440,7 +440,7 @@
|
||||
|
||||
<p>This section describes how to import and manage CRLs. <p>For background information, see <a href="#How_Certificate_Validation_Works">How Validation Works</a>.
|
||||
|
||||
<p>For detailed descriptions of CRL settings that you can control, see <a href="validation_help.html">Validation Settings</a>.</p>
|
||||
<p>For detailed descriptions of CRL settings that you can control, see <a href="validation_help.xhtml">Validation Settings</a>.</p>
|
||||
|
||||
<table summary="list of headings" cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
@ -528,7 +528,7 @@
|
||||
<li>Under the Privacy & Security category, click Validation. (If no subcategories are visible, double-click Privacy & Security to expand the list.)
|
||||
</ol>
|
||||
|
||||
<p>For information about the OCSP options available, see <a href="validation_help.html#OCSP">OCSP</a>.
|
||||
<p>For information about the OCSP options available, see <a href="validation_help.xhtml#ocsp">OCSP</a>.
|
||||
|
||||
<p>
|
||||
[ <A HREF="#using_certs_first">Return to beginning of section</A> ]
|
||||
|
@ -1,184 +1,267 @@
|
||||
<html>
|
||||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
|
||||
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd" [
|
||||
<!ENTITY % brandDTD SYSTEM "chrome://global/locale/brand.dtd" >
|
||||
%brandDTD;
|
||||
]>
|
||||
|
||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<head>
|
||||
<title>Validation Settings</title>
|
||||
|
||||
<link rel="stylesheet" href="chrome://help/locale/content_style.css" type="text/css">
|
||||
|
||||
<link rel="stylesheet" href="chrome://help/locale/helpFileLayout.css"
|
||||
type="text/css"></link>
|
||||
</head>
|
||||
|
||||
<body>
|
||||
|
||||
<a NAME="validation_settings"></a>
|
||||
<a NAME="validation:settingsIDX"></a>
|
||||
<a NAME="settings:validationIDX"></a>
|
||||
<h1 id="validation_settings">Validation Settings</h1>
|
||||
|
||||
<hr><h1>Validation Settings</h1>
|
||||
<p>This section describes how to set Validation preferences and how to control
|
||||
Certificate Revocation List (CRL) settings.</p>
|
||||
|
||||
<p>This section describes how to set Validation preferences and how to control Certificate Revocation List (CRL) settings.
|
||||
<p>For step-by-step descriptions of various tasks related to validation and
|
||||
CRLs, see <a href="using_certs_help.html#using_certs_validation">How
|
||||
Certificate Validation Works</a>.</p>
|
||||
|
||||
<p>For step-by-step descriptions of various tasks related to validation and CRLs, see <a href="using_certs_help.html#using_certs_validation">How Certificate Validation Works</a>.
|
||||
<p> </p>
|
||||
<div class="contentsBox">In this section:
|
||||
<ul>
|
||||
<li><a href="#privacy_and_security_preferences_validation">Privacy &
|
||||
Security Preferences - Validation</a></li>
|
||||
<li><a href="#manage_crls">Manage CRLs</a></li>
|
||||
<li><a href="#crl_import_status">CRL Import Status</a></li>
|
||||
<li><a href="#automatic_crl_update_preferences">Automatic CRL Update
|
||||
Preferences</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
|
||||
<table cellpadding=4 cellspacing=2 bgcolor="#cccccc" Width=324>
|
||||
<tr>
|
||||
<td class="inthissection">
|
||||
<p>In this section:</p>
|
||||
<p><a href="#validation_first">Privacy & Security Preferences - Validation</a></p>
|
||||
<p><a href="#manage_CRLs_dialog">Manage CRLs</a></p>
|
||||
<p><a href="#crl_import_status">CRL Import Status</a></p>
|
||||
<p><a href="#auto_crl_update_prefs">Automatic CRL Update Preferences</a></p>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<p> </p>
|
||||
<h2 id="privacy_and_security_preferences_validation">Privacy & Security
|
||||
Preferences - Validation</h2>
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
<hr>
|
||||
<a NAME="validation_first"></a>
|
||||
<a NAME="validation:OCSPIDX"></a>
|
||||
<a NAME="validation:CRLsIDX"></a>
|
||||
<a NAME="OCSP:preferencesIDX"></a>
|
||||
<a NAME="CRLs:preferencesIDX"></a>
|
||||
<a NAME="preferences:validationIDX"></a>
|
||||
|
||||
<h2>Privacy & Security Preferences - Validation</h2>
|
||||
|
||||
<p>This section describes how to use the Validation Settings panel. If you are not already viewing the panel, follow these steps:
|
||||
<p>This section describes how to use the Validation Settings panel. If you are
|
||||
not already viewing the panel, follow these steps:</p>
|
||||
|
||||
<ol>
|
||||
<li>Open the Edit menu (Mozilla menu on Mac OS X) and choose Preferences.
|
||||
<li>Under the Privacy & Security category, click Validation. (If no subcategories are visible, double-click Privacy & Security to expand the list.)
|
||||
<li>Open the Edit menu (&brandShortName; menu on Mac OS X) and choose
|
||||
Preferences.</li>
|
||||
<li>Under the Privacy & Security category, click Validation. (If no
|
||||
subcategories are visible, double-click Privacy & Security to expand
|
||||
the list.)</li>
|
||||
</ol>
|
||||
|
||||
<p>For background information on certificate validation, see <a href="using_certs_help.html#using_certs_validation">How Certificate Validation Works</a>.
|
||||
|
||||
<p>
|
||||
<a NAME="CRL"></a>
|
||||
<h3>CRL</h3>
|
||||
|
||||
<p>A certificate revocation list (CRL) is a list of revoked certificates that is generated and signed by a <a href="glossary.xhtml#certificate_authority">certificate authority (CA)</a>. It's possible to download a CRL to your browser, which can check it to ensure that certificates are still valid before permitting their use for authentication. <P>
|
||||
|
||||
<p>Click Manage CRLs to see a list of the CRLs available to Certificate Manager.
|
||||
|
||||
<p>For more information about managing CRLs, see <a href="using_certs_help.html#Managing_CRLs">Managing CRLs</a>.
|
||||
<p>For background information on certificate validation, see
|
||||
<a href="using_certs_help.html#using_certs_validation">How Certificate
|
||||
Validation Works</a>.</p>
|
||||
|
||||
|
||||
<p>
|
||||
<a NAME="OCSP"></a>
|
||||
<h3>OCSP</h3>
|
||||
<h3 id="crl">CRL</h3>
|
||||
|
||||
<p>The Online Certificate Status Protocol (OCSP) makes it possible for Certificate Manager to perform an online check of a certificate's validity each time the certificate is viewed or used. This process involves checking the certificate against a certificate revocation list (CRL) maintained at a specified web site. Your computer must be online for OCSP to work.</P>
|
||||
<p>A certificate revocation list (CRL) is a list of revoked certificates that
|
||||
is generated and signed by a
|
||||
<a href="glossary.xhtml#certificate_authority">certificate authority
|
||||
(CA)</a>. It's possible to download a CRL to your browser, which can
|
||||
check it to ensure that certificates are still valid before permitting their
|
||||
use for authentication.</p>
|
||||
|
||||
<p>To specify how Certificate Manager uses OCSP, choose one of these settings in the OCSP section of Validation Settings:</P>
|
||||
<p>Click Manage CRLs to see a list of the CRLs available to Certificate
|
||||
Manager.</p>
|
||||
|
||||
<p>For more information about managing CRLs, see
|
||||
<a href="using_certs_help.html#Managing_CRLs">Managing CRLs</a>.</p>
|
||||
|
||||
<h3 id="ocsp">OCSP</h3>
|
||||
|
||||
<p>The Online Certificate Status Protocol (OCSP) makes it possible for
|
||||
Certificate Manager to perform an online check of a certificate's
|
||||
validity each time the certificate is viewed or used. This process involves
|
||||
checking the certificate against a certificate revocation list (CRL)
|
||||
maintained at a specified website. Your computer must be online for OCSP to
|
||||
work.</p>
|
||||
|
||||
<p>To specify how Certificate Manager uses OCSP, choose one of these settings
|
||||
in the OCSP section of Validation Settings:</p>
|
||||
|
||||
<ul>
|
||||
<LI><B>Do not use OCSP for certificate verification.</B> Select this setting if you don't want Certificate Manager to perform an online status check each time it verifies a certificate. Instead, whenever Certificate Manager performs <a href="glossary.xhtml#certificate_verification">certificate verification</a>, it only confirms the certificate's validity period and that it is correctly signed by a CA whose own CA certificate is both listed under the CA Certificates tab (in the main Certificate Manager window) and marked as trusted for issuing that kind of certificate.</LI>
|
||||
<LI><B>Use OCSP to verify only certificates that specify an OCSP service URL.</B> Select this setting if you want Certificate Manager perform an online status check each time it verifies a certificate that specifies a URL for the purpose of performing such a check. If a URL is specified by the certificate, Certificate Manager makes sure that the certificate is listed there as valid and checks the validity period and trust settings.</LI>
|
||||
<LI><B>Use OCSP to verify all certificates, using the URL and signer specified here.</B> Select this setting if you want Certificate Manager to perform an online status check each time it verifies any certificate. If you select this setting, you should also choose the certificate from the Response Signer pop-up menu that identifies the signer of the OCSP responses. With this setting, the only certificates Certificate Manager recognizes are those that can be verified by an OCSP response signed with the Response Signer certificate (or signed using a certificate that chains to it).
|
||||
<li><strong>Do not use OCSP for certificate verification.</strong> Select
|
||||
this setting if you don't want Certificate Manager to perform an
|
||||
online status check each time it verifies a certificate. Instead, whenever
|
||||
Certificate Manager performs
|
||||
<a href="glossary.xhtml#certificate_verification">certificate
|
||||
verification</a>, it only confirms the certificate's validity period
|
||||
and that it is correctly signed by a CA whose own CA certificate is both
|
||||
listed under the CA Certificates tab (in the main Certificate Manager
|
||||
window) and marked as trusted for issuing that kind of certificate.</li>
|
||||
<li><strong>Use OCSP to verify only certificates that specify an OCSP service
|
||||
URL.</strong> Select this setting if you want Certificate Manager perform
|
||||
an online status check each time it verifies a certificate that specifies a
|
||||
URL for the purpose of performing such a check. If a URL is specified by
|
||||
the certificate, Certificate Manager makes sure that the certificate is
|
||||
listed there as valid and checks the validity period and trust
|
||||
settings.</li>
|
||||
<li><strong>Use OCSP to verify all certificates, using the URL and signer
|
||||
specified here.</strong> Select this setting if you want Certificate
|
||||
Manager to perform an online status check each time it verifies any
|
||||
certificate. If you select this setting, you should also choose the
|
||||
certificate from the Response Signer pop-up menu that identifies the signer
|
||||
of the OCSP responses. With this setting, the only certificates Certificate
|
||||
Manager recognizes are those that can be verified by an OCSP response
|
||||
signed with the Response Signer certificate (or signed using a certificate
|
||||
that chains to it).
|
||||
|
||||
<p>When you choose a Response Signer certificate from the pop-up menu, Certificate Manager fills in the Service URL (if available) for that signer automatically. If the Service URL is not filled in automatically, you must provide it yourself; ask your system administrator for details.</LI>
|
||||
<p>When you choose a Response Signer certificate from the pop-up menu,
|
||||
Certificate Manager fills in the Service URL (if available) for that
|
||||
signer automatically. If the Service URL is not filled in automatically,
|
||||
you must provide it yourself; ask your system administrator for
|
||||
details.</p>
|
||||
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
<h2 id="manage_crls">Manage CRLs</h2>
|
||||
|
||||
<hr>
|
||||
<a NAME="manage_CRLs_dialog"></a>
|
||||
<a NAME="validation:managing_CRLsIDX"></a>
|
||||
<a NAME="CRLs:managingIDX"></a>
|
||||
<h2>Manage CRLs</h2>
|
||||
<p>This section describes how to use the Manage CRLs dialog box. To view it,
|
||||
follow these steps:</p>
|
||||
|
||||
<p>This section describes how to use the Manage CRLs dialog box. To view it, follow these steps:
|
||||
<ol>
|
||||
<li>Open the Edit menu (Mozilla menu on Mac OS X) and choose Preferences.
|
||||
<li>Under the Privacy & Security category, click Validation. (If no subcategories are visible, double-click Privacy & Security to expand the list.)
|
||||
<li>Click Manage CRLs.
|
||||
<li>Open the Edit menu (&brandShortName; menu on Mac OS X) and choose
|
||||
Preferences.</li>
|
||||
<li>Under the Privacy & Security category, click Validation. (If no
|
||||
subcategories are visible, double-click Privacy & Security to expand
|
||||
the list.)</li>
|
||||
<li>Click Manage CRLs.</li>
|
||||
</ol>
|
||||
|
||||
<p>This dialog box displays a list of the <a href="glossary.xhtml#certificate_revocation_list">CRLs</a> that you have downloaded for use by your browser. Typically, you download a CRL by clicking a URL. FOr information about how CRLs work, see <a href="using_certs_help.html#Managing_CRLs">Managing CRLs</a>.
|
||||
<p>This dialog box displays a list of the
|
||||
<a href="glossary.xhtml#certificate_revocation_list">CRLs</a> that you have
|
||||
downloaded for use by your browser. Typically, you download a CRL by
|
||||
clicking a URL. For information about how CRLs work, see
|
||||
<a href="using_certs_help.html#Managing_CRLs">Managing CRLs</a>.</p>
|
||||
|
||||
<p>To select a CRL, click it. You can then perform any of these actions:
|
||||
<p>To select a CRL, click it. You can then perform any of these actions:</p>
|
||||
|
||||
<ul>
|
||||
<li><b>Delete:</b> Deletes the CRL permanently from your hard disk. Don't do this unless you're sure you no longer need the CRL for validating certificates. If in doubt, consult your system administrator.
|
||||
<li><b>Settings:</b> Opens the <a href="#auto_crl_update_prefs">Automatic CRL Update Preferences</a> dialog box, which allows you to activate automatic CRL updates for the selected CRL and specify how frequently they should be performed.
|
||||
<li><b>Update:</b> Immediately updates the selected CRL (if possible).
|
||||
</ul>
|
||||
<p>The Manage CRLs dialog box provides the following information about each CRL:
|
||||
|
||||
<ul>
|
||||
<li><b>Organization (O):</b> The name of the organization that issued the CRL.
|
||||
<li><b>Organizational Unit (OU):</b> The name of the organizational unit that issued the CRL (such as the root CA for a particular kind of certificate).
|
||||
<li><b>Last Update:</b> The date on which the browser's copy of this CRL was last updated.
|
||||
<li><b>Next Update:</b> The next date on which an updated version of this CRL will be published by the CRL issuer.
|
||||
<li><b>Auto Update:</b> Indicates whether Auto Update has been enabled for this CRL. To view the settings that control auto updating, select the CRL and click Settings.
|
||||
<li><b>Auto Update Status:</b>
|
||||
<ul>
|
||||
<li>If Auto Update has not been enabled, or if it has been enabled but the next scheduled update has not yet occurrred, this field will be blank.
|
||||
<li>After at least one auto update has occurred, this field shows "failed" if the most recent auto update failed, or "OK" if the most recent auto update was successful.
|
||||
</ul></ul>
|
||||
|
||||
<hr>
|
||||
<a NAME="crl_import_status"></a>
|
||||
<a NAME="validation:managing_CRLsIDX"></a>
|
||||
<a NAME="CRLs:import_status_of"></a>
|
||||
<h2>CRL Import Status</h2>
|
||||
|
||||
<p>This section describes how to use the CRL Import Status dialog box, which appears when you first attempt to import a CRL or when you successfully update it manually.
|
||||
|
||||
<p>This dialog box informs you
|
||||
<ul>
|
||||
<li>whether your attempt to import or update the CRL was successful
|
||||
<li>what organization issued the CRL
|
||||
<li>when the next update of this CRL will be published
|
||||
<li>whether Automatic Update is enabled for this CRL
|
||||
<li><strong>Delete:</strong> Deletes the CRL permanently from your hard disk.
|
||||
Don't do this unless you're sure you no longer need the CRL for
|
||||
validating certificates. If in doubt, consult your system
|
||||
administrator.</li>
|
||||
<li><strong>Settings:</strong> Opens the
|
||||
<a href="#automatic_crl_update_preferences">Automatic CRL Update
|
||||
Preferences</a> dialog box, which allows you to activate automatic CRL
|
||||
updates for the selected CRL and specify how frequently they should be
|
||||
performed.</li>
|
||||
<li><strong>Update:</strong> Immediately updates the selected CRL
|
||||
(if possible).</li>
|
||||
</ul>
|
||||
|
||||
<p>If Automatic Update is not enabled, you can turn it on from here:
|
||||
|
||||
<p>The Manage CRLs dialog box provides the following information about each
|
||||
CRL:</p>
|
||||
|
||||
<ul>
|
||||
<li><b>Yes:</b> Click Yes to enable automatic updating of this CRL. If you click this button, the Automatic CRL Update Preferences dialog box appears next. The next section describes how to set these preferences.
|
||||
<li><b>No:</b> Click No if you wish to leave Automatic Update disabled.
|
||||
<li><strong>Organization (O):</strong> The name of the organization that
|
||||
issued the CRL.</li>
|
||||
<li><strong>Organizational Unit (OU):</strong> The name of the organizational
|
||||
unit that issued the CRL (such as the root CA for a particular kind of
|
||||
certificate).</li>
|
||||
<li><strong>Last Update:</strong> The date on which the browser's copy
|
||||
of this CRL was last updated.</li>
|
||||
<li><strong>Next Update:</strong> The next date on which an updated version
|
||||
of this CRL will be published by the CRL issuer.</li>
|
||||
<li><strong>Auto Update:</strong> Indicates whether Auto Update has been
|
||||
enabled for this CRL. To view the settings that control auto updating,
|
||||
select the CRL and click Settings.</li>
|
||||
<li><strong>Auto Update Status:</strong>
|
||||
<ul>
|
||||
<li>If Auto Update has not been enabled, or if it has been enabled but
|
||||
the next scheduled update has not yet occurrred, this field will be
|
||||
blank.</li>
|
||||
<li>After at least one auto update has occurred, this field shows
|
||||
"failed" if the most recent auto update failed, or
|
||||
"OK" if the most recent auto update was successful.</li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
<hr>
|
||||
<a NAME="auto_crl_update_prefs"></a>
|
||||
<a NAME="validation:auto_updating_CRLsIDX"></a>
|
||||
<a NAME="CRLs:auto_upates_forIDX"></a>
|
||||
<h2>Automatic CRL Update Preferences</h2>
|
||||
<h2 id="crl_import_status">CRL Import Status</h2>
|
||||
|
||||
<p>This section describes how to use the CRL Import Status dialog box, which
|
||||
appears when you first attempt to import a CRL or when you successfully
|
||||
update it manually.</p>
|
||||
|
||||
<p>This dialog box informs you</p>
|
||||
|
||||
<ul>
|
||||
<li>whether your attempt to import or update the CRL was successful</li>
|
||||
<li>what organization issued the CRL</li>
|
||||
<li>when the next update of this CRL will be published</li>
|
||||
<li>whether Automatic Update is enabled for this CRL</li>
|
||||
</ul>
|
||||
|
||||
<p>If Automatic Update is not enabled, you can turn it on from here:</p>
|
||||
|
||||
<ul>
|
||||
<li><strong>Yes:</strong> Click Yes to enable automatic updating of this CRL.
|
||||
If you click this button, the Automatic CRL Update Preferences dialog box
|
||||
appears next. The next section describes how to set these preferences.</li>
|
||||
<li><strong>No:</strong> Click No if you wish to leave Automatic Update
|
||||
disabled.</li>
|
||||
</ul>
|
||||
|
||||
<h2 id="automatic_crl_update_preferences">Automatic CRL Update Preferences</h2>
|
||||
|
||||
<p>This section describes how to use the Automatic CRL Update Preferences
|
||||
dialog box. If you are not already viewing it, follow these steps:</p>
|
||||
|
||||
<p>This section describes how to use the Automatic CRL Update Preferences dialog box. If you are not already viewing it, follow these steps:
|
||||
<ol>
|
||||
<li>Open the Edit menu (Mozilla menu on Mac OS X) and choose Preferences.
|
||||
<li>Under the Privacy & Security category, click Validation. (If no subcategories are visible, double-click Privacy & Security to expand the list.)
|
||||
<li>Click Manage CRLs, then select the CRL whose auto update preferences you want to view or change.
|
||||
<li>Click Settings.
|
||||
<li>Open the Edit menu (&brandShortName; menu on Mac OS X) and choose
|
||||
Preferences.</li>
|
||||
<li>Under the Privacy & Security category, click Validation. (If no
|
||||
subcategories are visible, double-click Privacy & Security to expand
|
||||
the list.)</li>
|
||||
<li>Click Manage CRLs, then select the CRL whose auto update preferences you
|
||||
want to view or change.</li>
|
||||
<li>Click Settings.</li>
|
||||
</ol>
|
||||
|
||||
<p>This dialog box displays the following options and information:
|
||||
<p>This dialog box displays the following options and information:</p>
|
||||
|
||||
<ul>
|
||||
<li><b>Enable Automatic Update for this CRL:</b> Select this option if you want the CRL you selected to be updated automatically according to the schedule you set here. (Note that you can't select this option if the CRL doesn't specify a Next Update date.)
|
||||
<p>If you enable Automatic Update, you must select one of these radio buttons:
|
||||
<ul>
|
||||
<li><b>Update X days before Next Update date.</b> Select this option if you want to base the update frequency on the frequency with which the CRL publisher publishes a new version of the CRL.
|
||||
<li><b>Update every X days.</b> Select this option if you want to specify an update interval unrelated to the CRL's Next Update date.
|
||||
</ul>
|
||||
<li><b>CRL would be imported from:</b> Indicates the URL from which the browser originally imported the CRL. This setting cannot be changed. To specify a different location, delete the CRL and re-import it from the new location.
|
||||
<li><b>Previous Consecutive Update Failures:</b> Indicates how many times update attempts for this CRL have failed consecutively, including the most recent failure:
|
||||
<ul>
|
||||
<li> If the most recent attempt was successful, this reads "None" even if there were previous unsuccessful attempts.
|
||||
<li>If the most recent attempt failed, this indicates the number of consecutive failures and the error message for the most recent failure.
|
||||
</ul></ul>
|
||||
<li><strong>Enable Automatic Update for this CRL:</strong> Select this option
|
||||
if you want the CRL you selected to be updated automatically according to
|
||||
the schedule you set here. (Note that you can't select this option if
|
||||
the CRL doesn't specify a Next Update date.)
|
||||
|
||||
<p>Click OK to confirm your choices.
|
||||
<p>If you enable Automatic Update, you must select one of these radio
|
||||
buttons:</p>
|
||||
|
||||
<ul>
|
||||
<li><strong>Update X days before Next Update date.</strong> Select this
|
||||
option if you want to base the update frequency on the frequency with
|
||||
which the CRL publisher publishes a new version of the CRL.</li>
|
||||
<li><strong>Update every X days.</strong> Select this option if you want
|
||||
to specify an update interval unrelated to the CRL's Next Update
|
||||
date.</li>
|
||||
</ul>
|
||||
</li>
|
||||
<li><strong>CRL would be imported from:</strong> Indicates the URL from which
|
||||
the browser originally imported the CRL. This setting cannot be changed. To
|
||||
specify a different location, delete the CRL and re-import it from the new
|
||||
location.</li>
|
||||
<li><strong>Previous Consecutive Update Failures:</strong> Indicates how
|
||||
many times update attempts for this CRL have failed consecutively,
|
||||
including the most recent failure:
|
||||
<ul>
|
||||
<li>If the most recent attempt was successful, this reads
|
||||
"None" even if there were previous unsuccessful
|
||||
attempts.</li>
|
||||
<li>If the most recent attempt failed, this indicates the number of
|
||||
consecutive failures and the error message for the most recent
|
||||
failure.</li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
<p>Click OK to confirm your choices.</p>
|
||||
|
||||
<p>Copyright © 2003-2004 The Mozilla Foundation.</p>
|
||||
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user