[caops-wg] Issue with OCSP through HTTP caches
Matt Crawford
crawdad at fnal.gov
Wed Apr 26 10:11:55 CDT 2006
>>>>> HTTP Proxying is useful, but the problem may arise from HTTP-
>>>>> caches [...]
>>>> It would be very important to know what caching control is being
>>>> sent
>>>> by the OCSP Responder when the cache first sends the request to it.
>>> Exactly, in fact IETF Draft's "Lightweight OCSP Profile for High
>>> Volume
>>> Environments" in section "5.2 HTTP Proxies" has an interesting
>>> text about this
>>> issue [...] Do you think that it may be worth mentioning it into
>>> the OCSP reqs document or
>>> let's just skip it?
> I don't see anyone objecting to this being an issue that is worth
> adding a note about in the doc.
I had not looked at the i-d Jesus referred to (draft-ietf-pkix-
lightweight-ocsp-profile-04.txt), but its treatment of the issue
looks complete and accurate.
More information about the caops-wg
mailing list