Site menu:

LATEST NEWS:

22 July 2011
PKIF 2.1.14, Webcullis, the OCSP Plugin and PITT 1.2.5 are available for download.


18 November 2010
PKIF 2.1.13, Webcullis, the OCSP Plugin and PITT 1.2.1 are available for download.


29 September 2010
New utilities are released, including CAPI logger, a new version of PITT, PKIPlug and some certificate pair tools.


3 September 2010
PKIF 2.1.12, Webcullis, the OCSP plugin and PITT are available for download.


18 June 2010
PKIF 2.1.11, Webcullis, the OCSP plugin and PITT are available for download.


17 May 2010
PKIF 2.1.10 along with Webcullis and the OCSP plugin are available for download. This release brings the major additions of the OCSP plugin customization wizard and PITT.


31 January 2010
PKIF 2.1.9 along with Webcullis and the OCSP plugin are available for download.


Location: PKIF / MD5Shield 

PKIF Hosting Provided By

Get PKIF at SourceForge.net. Fast, secure and Free Open Source software downloads

MD5Shield Plug-in for Microsoft Windows

MD5Shield is a revocation status provider for applications that use Microsoft Crypto API (CAPI) for certification path processing. Applications call CAPI to validate a certificate. CAPI calls revocation status providers to determine if a certificate is revoked. Typically, revocation status providers use either an Online Certificate Status Protocol (OCSP) response or a certificate revocation list (CRL) to determine the status of the certificate presented by CAPI and return an indication that the certificate is not revoked, the certificate is revoked or the status could not be determined.

MD5Shield does not determine the revocation status of certificates. Instead, it parses the certificate presented by CAPI and determines if the certificate was signed using either MD2 with RSA encryption or MD5 with RSA encryption. If the certificate was signed using one of these algorithms, MD5Shield reports the status of the certificate as revoked, causing the CAPI-enabled application to not rely upon the certificate. If the certificate is not signed using one of these algorithms, MD5Shield reports the status of the certificate as unknown, allowing other revocation status providers to act.

Note: In order for MD5Shield to be used, revocation status checking must be enabled. Here’s where the setting is located for Internet Explorer: Enabling revocation status checking for IE

Download MD5Shield and its source code from sourceforge (License).

Send questions or comments to pkif_support AT cygnacom DOT com.