RV: [caops-wg] Re: Grid OCSP proposal
Milan Sova
sova at cesnet.cz
Fri Apr 29 06:46:02 CDT 2005
Hello.
The discussion has been a little quiet for some time.
I'm including a new version of the document. Here are some comments:
-- I've removed several occurrences of "suspend" and "suspended" basicly
in contexts like "revoked and suspended". IMO suspension is just a
special case of revocation.
-- Section 2, p.2
removed redundant "or invalidated" from "revoked or invalidated" in
-- corrected spelling of "openssl" to "OpenSSL" throughout the
document
-- removed (mostly my) comments from the document
-- Section 3, p.3:
Removed point about "establishing of authorized OCSP responders
between Grid CAs" being the way to achieve interoperability and
"trust relationships among Grid PKIs"
- it didn't make much sense to me
-- Section 3, p.3:
Removed point making requirements on the OCSP service provider
- I think it belongs into "Requirements" section.
-- Section 5.4, p.5:
crosslink to Section 4
removed "Another Responder discovery solution consist of
configuring a Global OCSP Redirector per domain in charge of
redirecting the relying party's OCSP request according to specified
parameters (i.e. OCSP load, network traffic, availability, etc.)."
- it is just a special case of a local trusted responder.
-- Section 5.7
"Revoked with status Suspended or OnHold"
-> "...with revocationReason certificateHold..."
-- Section 6.2
Crosslink to Section 4
-- Section 6.6
reverted the section back to Olle's version. The modified version
did not make much sense to me
-- Section 10
is empty - I didn't succeed to persuade my OpenOffice to get rid of
it ;(
-- Section 11
I'm not sure whether the statement of OCSP policies and Grid
Services fits inot the document spirit...
-- Section 14
replaced the Authorized Responder definition by a citation form
RFC2560
- are we really going to have a Definitions section? If so, it
would probably look better if we include some more of them ;)
Regards
--
Milan Sova
sova at cesnet.cz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OCSP_Requirements_for_Grids_ms.doc
Type: application/msword
Size: 134656 bytes
Desc: not available
Url : http://www.ogf.org/pipermail/caops-wg/attachments/20050429/e51e9cda/attachment.doc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2191 bytes
Desc: S/MIME Cryptographic Signature
Url : http://www.ogf.org/pipermail/caops-wg/attachments/20050429/e51e9cda/attachment.bin
More information about the caops-wg
mailing list