Win 7 EFS certificate revocation and OCSP
Does Win7 use OCSP for EFS revocation checking, or does it have the same behavior as WinXP/2003?
andresz
August 12th, 2011 7:31pm
Windows 7 uses OCSP if the respective URL is placed in the AIA extension. Built-in Windows components fully support CryptoAPI 2.0 functionality.
My weblog: http://en-us.sysadmins.lv
PowerShell PKI Module: http://pspki.codeplex.com
Windows PKI reference: on TechNet wiki
August 12th, 2011 7:38pm
So according to your answer, EFS on Win7 uses the OS behavior?
That means that every time a user opens an EFS protected file, in a shared location, the OS goes to the OCSP locations in order to query the validity of the certificate?
Thanks for your response.
andresz
August 12th, 2011 7:48pm
> That means that every time a user opens an EFS protected file, in a shared location, the OS goes to the OCSP locations in order to query the validity of the certificate?
No. EFS certificate revocation checking occurs only when:
1) autoenrollment trigger launches;
2) another user is added to file access (when you select another user's certificate).
Revocation checking is not performed during decryption operations.
My weblog: http://en-us.sysadmins.lv
PowerShell PKI Module: http://pspki.codeplex.com
Windows PKI reference: on TechNet wiki
August 12th, 2011 8:19pm
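Since EFS only checks revocation at autoenrollment and when adding a user, an administrator who wants to know the current status of the EFS certificates on a machine has to ask CryptoAPI directly. The script below is an added example, not code from this thread or from the PSPKI module: it lists the EFS-capable certificates in the current user's personal store, extracts any OCSP responder URL from the AIA extension (the condition named above for Windows 7 to use OCSP), and runs a chain build with online revocation checking. The EKU and AIA/OCSP OIDs are the standard ones; the regex over the formatted AIA text assumes CryptoAPI's usual "Access Method ... URL=" layout.

```powershell
# Added example: report OCSP URLs and live revocation status of EFS certificates.
$efsEku  = '1.3.6.1.4.1.311.10.3.4'   # Encrypting File System EKU
$aiaOid  = '1.3.6.1.5.5.7.1.1'        # Authority Information Access extension
$ocspOid = '1.3.6.1.5.5.7.48.1'       # id-ad-ocsp access method

function Test-HasEfsEku {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $eku = $Cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
    if (-not $eku) { return $false }
    return [bool]($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $efsEku })
}

function Get-OcspUrlsFromAia {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $aia = $Cert.Extensions | Where-Object { $_.Oid.Value -eq $aiaOid }
    if (-not $aia) { return @() }
    # Assumption: Format($true) lists each access method by OID followed by "URL=<value>".
    $urls = @()
    foreach ($block in ($aia.Format($true) -split 'Access Method')) {
        if ($block -match [regex]::Escape($ocspOid) -and $block -match 'URL=(\S+)') {
            $urls += $Matches[1]
        }
    }
    return $urls
}

function Test-EfsCertRevocation {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    # Online revocation mode makes CryptoAPI fetch OCSP/CRL as it would during
    # autoenrollment; EFS itself never does this when decrypting a file.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode = [System.Security.Cryptography.X509Certificates.X509RevocationMode]::Online
    $chain.ChainPolicy.RevocationFlag = [System.Security.Cryptography.X509Certificates.X509RevocationFlag]::EntireChain
    $valid = $chain.Build($Cert)
    [pscustomobject]@{
        Thumbprint = $Cert.Thumbprint
        Subject    = $Cert.Subject
        OcspUrls   = (Get-OcspUrlsFromAia $Cert) -join ';'
        ChainValid = $valid
        Status     = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ','
    }
}

Get-ChildItem Cert:\CurrentUser\My |
    Where-Object { Test-HasEfsEku $_ } |
    ForEach-Object { Test-EfsCertRevocation $_ } |
    Format-Table -AutoSize
```

A self-signed EFS certificate (issued when no enterprise CA is available) has no AIA extension, so OcspUrls is empty for it and the chain status reflects only trust, not revocation.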