Offline Certificate Validation
Offline Certificate Validation has been enhanced to include the following rules and
procedures:
Peer Certificates
The diagram below illustrates the peer certificate validation procedure.
•
•
Self Validation of Certificates
•
•
Certificate Revocation List
•
•
•
Installing and Using Certificates on the RMX
The following certificate file formats are supported:
•
•
•
•
Polycom, Inc.
The credentials of each certificate received from a networked peer are verified against a
repository of trusted certificates. (Each networked entity contains a repository of
trusted certificates.)
The digital signature of the certificate's issuing authority is checked along with the
certificate's validity (expiration date).
The DNS name field in the entity's certificate is checked for a match with the entity's
DNS name.
The date of the RMX's certificate is checked for validity during power-up and when
connecting to management applications (RMX Web Client and RMX Manager).
Each certificate received from a networked peer is verified against a repository of
revoked certificates. (Each networked entity contains a repository of revoked
certificates.
Revocation certificates are checked against a list of trusted issuers.
The digital signature of the issuing authority of the revocation certificate is verified.
PEM
DER
PKCS#7/P7B
PKCS#12PFX
Appendix F-Secure Communication Mode
F-9