Philip Carnstam said:
How come every time I do something (open / edit / create) a message
that is signed it takes an extra minute for outlook?
Is there any setting doing this?
Thanks,
Philip
I had a conversation with Thawte regarding their freemail certificates
and one of the KB articles mentioned in trying to fix my problem was:
http://support.microsoft.com/default.aspx?scid=kb;en-us;287803
It turns out the Microsoft doesn't obey an RFC (forget which one) that
recommends the CA (Certificate Authority) in the certificate specifies
the CRL (Certificate Revocation List) location in the certificate. The
CRL is used to verify if the certificate used in an e-mail is still
valid or not. It might not have expired but it may have been revoked
(by its user or the CA). It is only a recommendation but is not
mandatory. Thawte freemail certificates (and maybe their other types,
too) do not specify the CRL location, so Outlook has nowhere to download
and refresh the CRL to check if a Thawte freemail certificate has not
been revoked. Maybe certificates from Verisign and others include the
CRL location so Outlook knows where to download it. This download will
take time and that's probably the cause of the delay you encounter.
If you don't care to have Outlook download the CRL to see if the
certificate used in signing a message has been revoked or not, use the
"2" setting for UseCRLChasing to never check for certificate revocation.
