[caops-wg] OCSP - proxy certs

[Mike Helm]

Jesus Luna writes:
> The client is the only one that can identify Proxy Certificates (in fact 
> it is pretty easy to do with the CoG Java implementation) therefore 
> releasing the OCSP server from such "customization".

How does this client do this?  

One of the motivations for doing OCSP is to lighten the 
cert checking burden on the client (to 1 ocsp status
check call).  So I think it would be good if we understood
this issue better....

Thanks, ==mwh