[caops-wg] Which OCSP responder to trust?

[Jesus Luna]

Hello again,
In slide 4 of the presentation "OCSP-GGF15.ppt"  three different OCSP 
discovery mechanisms are mentioned to validate user and Proxy 
Certificates; in this case we agree with them (in fact the first two are 
referenced in some way in secton "4.4 Responder discovery"), however it 
could be convenient to mention also the possibility of using the 
multicited OCSP Policy to accomplish such configuration at the relying 
party.
The third option "OCSP-signing proxy delegated to responder", could you 
elaborate more on this? We are not getting the idea behind such concept.

Regards (one more time!),

Oscar & Jesus