EFS and certificate revocation list

Dean

I am not sure if this group is right for my question. If not, could
someone point me to the right group?

I am using EFS user certificates in a Windows 2003 domain environment.
After I revoked the EFS user certificate, I was very surprised that I
was still able to encrypt my files using the revoked certificate. I
can tell by the certificate thumbprint number in the encrypted file
properties. If the user certificate is revoked, how can it be used for
encryption since it is in the CRL already? My question is: should the
revoked EFS certificate be able to continue to encrypt the files or
not?

My understanding is that, if the certificates are expired or revoked,
I should be able to encrypt my files but that should be with another
new certificate, instead of the revoked one. That is what I don't
understand in my case.

If someone can explain this (maybe it is me, a user error), I would really
appreciate it. All I need to know is Yes or No to my question.

Thanks,

Dean
 
EFS doesn't check for certificate revocation when it encrypts files. It
does, however, check for revocation when you add other users' certificates to
files.

Thanks.
Pat
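
Since EFS does not check revocation at encryption time, as the reply above says, an administrator can run the check separately. The following is an added example, not part of the original thread: it looks up the certificate EFS is currently using for the logged-on user and asks Windows to validate it against the CRL. It assumes PowerShell is available on the machine and that the current EFS certificate hash is stored in the per-user `CurrentKeys` registry value shown in the script.

```powershell
# Added example (not from the thread): report whether the logged-on user's
# current EFS certificate is revoked.
# Assumption: the active EFS certificate hash is stored in this per-user value.
$efsKey    = 'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\EFS\CurrentKeys'
$hashBytes = (Get-ItemProperty -Path $efsKey -Name CertificateHash -ErrorAction Stop).CertificateHash
$thumb     = [BitConverter]::ToString($hashBytes) -replace '-', ''

# The matching certificate lives in the user's Personal store.
$cert = Get-Item -Path "Cert:\CurrentUser\My\$thumb" -ErrorAction Stop
Write-Output "Current EFS certificate: $thumb (expires $($cert.NotAfter))"

# Build a chain with an online revocation check on the end certificate only.
$x509  = 'System.Security.Cryptography.X509Certificates'
$chain = New-Object "$x509.X509Chain"
$chain.ChainPolicy.RevocationMode = [Enum]::Parse(("$x509.X509RevocationMode" -as [type]), 'Online')
$chain.ChainPolicy.RevocationFlag = [Enum]::Parse(("$x509.X509RevocationFlag" -as [type]), 'EndCertificateOnly')
[void]$chain.Build($cert)

# Collect the status flags the chain engine reported.
$status = @($chain.ChainStatus | ForEach-Object { $_.Status.ToString() })

if ($status -contains 'Revoked') {
    # EFS keeps using this key until a new one is selected for the user.
    Write-Output 'REVOKED: EFS will still encrypt with this certificate.'
    Write-Output 'Create a new EFS key with "cipher /k", then re-key files with "cipher /u".'
}
elseif (($status -contains 'RevocationStatusUnknown') -or ($status -contains 'OfflineRevocation')) {
    # CRL not reachable, or no CRL distribution point could be used.
    Write-Output 'UNKNOWN: revocation status could not be determined.'
}
elseif ($status.Count -eq 0) {
    Write-Output 'OK: certificate is not listed as revoked.'
}
else {
    Write-Output ("Other chain problems: " + ($status -join ', '))
}
```

A certificate revoked very recently can still report as not revoked until the CA publishes a new CRL and the client's cached copy expires.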
 