mirror of
https://github.com/xcat2/xNBA.git
synced 2025-02-06 22:11:57 +00:00
557f467bab
At present, certificate chain validation is treated as an instantaneous process that can be carried out using only data that is already in memory. This model does not allow for validation to include non-instantaneous steps, such as downloading a cross-signing certificate, or determining certificate revocation status via OCSP. Redesign the internal representation of certificate chains to allow chains to outlive the scope of the original source of certificates (such as a TLS Certificate record). Allow for certificates to be cached, so that each certificate needs to be validated only once. Signed-off-by: Michael Brown <mcb30@ipxe.org>
iPXE README File Quick start guide: cd src make For any more detailed instructions, see http://ipxe.org