[caops-wg] Some -small- comments about the document

[jluna at ac.upc.edu]

Dear all,
As mentioned in the teleconference, next you will find some comments/questions
about the document (ver 0.3):
-Page 6, line 8: I'm not pretty sure about it, but if you perform a random
search then chances for finding an operative OCSP Responder are greather than
sequentially searching for it.
-Page 6, lines 14-18: maybe we are entering into too much detail about DNS SRV
requirements for OCSP. It is good for the paper, but in that case maybe we
should write something more about the WS-Resource option.
-Page 6, line 20: Reference point to [WSRES], but should say [WSREF].
-Page 7, lines 15-17: Do you want us to insert a link/reference to our OGRO
API?
Such API implements a configuration file providing this set of options so it
may
be a good example    ;)
-Page 7, lines 23-25: The term "OCSP Policy" is exactly equal to "OCSP
configuration file" (as in 4.7), so we may replace it for keeping a uniform
terminology.
-Page 8, line 1-2: I'm not pretty sure about it but think that the second "to"
is misplaced here. Apart from this, as such "features" are inherent (sniff) to
networks :(  the "MUST" could be changed for a "SHOULD".
-Page 8, line 10: The term "Grid Services" in this context is not very clear
for
us, could you please explain little more?
-Page 10, line 43: The term "multi-certificate queries" refers to OCSP Requests
messages querying the status for more than one certificate? If so, then I don't
know if it should be pointed this way as that is part of any conformant RFC2560
implementation.
-Page 14, line 17: As pointed before, maybe we should say that such policies
could be part of a more general OCSP Configuration file.

Best regards and hope to send you comments about Proxy Certs and DCRLs during
the week,

Salut,
Oscar & Jesus