[caops-wg] Which OCSP responder to trust?
Jesus Luna
jluna at ac.upc.edu
Fri Oct 28 05:35:37 CDT 2005
Hello again,
In slide 4 of the presentation "OCSP-GGF15.ppt" three different OCSP
discovery mechanisms are mentioned to validate user and Proxy
Certificates; in this case we agree with them (in fact the first two are
referenced in some way in secton "4.4 Responder discovery"), however it
could be convenient to mention also the possibility of using the
multicited OCSP Policy to accomplish such configuration at the relying
party.
The third option "OCSP-signing proxy delegated to responder", could you
elaborate more on this? We are not getting the idea behind such concept.
Regards (one more time!),
Oscar & Jesus
More information about the caops-wg
mailing list