RV: [caops-wg] Re: Grid OCSP proposal

Milan Sova sova at cesnet.cz
Fri Apr 29 06:46:02 CDT 2005 

	Hello.

	The discussion has been a little quiet for some time.
I'm including a new version of the document. Here are some comments:

-- I've removed several occurrences of "suspend" and "suspended" basicly
    in contexts like "revoked and suspended". IMO suspension is just a
    special case of revocation.

-- Section 2, p.2
    removed redundant "or invalidated" from "revoked or invalidated" in

-- corrected spelling of "openssl" to "OpenSSL" throughout the
    document

-- removed (mostly my) comments from the document

-- Section 3, p.3:
    Removed point about "establishing of authorized OCSP responders
    between Grid CAs" being the way to achieve interoperability and
    "trust relationships among Grid PKIs"
    - it didn't make much sense to me

-- Section 3, p.3:
    Removed point making requirements on the OCSP service provider
    - I think it belongs into "Requirements" section.

-- Section 5.4, p.5:
    crosslink to Section 4
    removed "Another Responder discovery solution consist of
    configuring a Global OCSP Redirector per domain in charge of
    redirecting the relying party's OCSP request according to specified
    parameters (i.e. OCSP load, network traffic, availability, etc.)."
    - it is just a special case of a local trusted responder.

-- Section 5.7
    "Revoked with status Suspended or OnHold"
       -> "...with revocationReason certificateHold..."

-- Section 6.2
    Crosslink to Section 4

-- Section 6.6
    reverted the section back to Olle's version. The modified version
    did not make much sense to me

-- Section 10
    is empty - I didn't succeed to persuade my OpenOffice to get rid of 
it ;(

-- Section 11
    I'm not sure whether the statement of OCSP policies and Grid
    Services fits inot the document spirit...

-- Section 14
    replaced the Authorized Responder definition by a citation form
    RFC2560
    - are we really going to have a Definitions section? If so, it
      would probably look better if we include some more of them ;)

	Regards

-- 
						Milan Sova
						sova at cesnet.cz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OCSP_Requirements_for_Grids_ms.doc
Type: application/msword
Size: 134656 bytes
Desc: not available
Url : http://www.ogf.org/pipermail/caops-wg/attachments/20050429/e51e9cda/attachment.doc 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2191 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.ogf.org/pipermail/caops-wg/attachments/20050429/e51e9cda/attachment.bin

More information about the caops-wg mailing list