[caops-wg] OCSP APIs for MyProxy and GT4 - Requirements document?
Jim Basney
jbasney at ncsa.uiuc.edu
Mon Oct 23 11:44:33 CDT 2006
Mike Helm <helm at fionn.es.net> wrote:
> jluna at ac.upc.edu writes:
> > We have been aware of the adoption of an OCSP client into a new MyProxy release,
> > and on the other hand OGRO is about to be submitted for evaluation as a patch to
> > Globus' Java core. Maybe it's a good time to push the document again, isn't it?
>
> yes.
I agree. I've found the OCSP Requirements for Grids document useful for
my work adding OCSP support to MyProxy
(http://bugzilla.ncsa.uiuc.edu/show_bug.cgi?id=281) and the GT C GSI
libraries (http://bugzilla.globus.org/bugzilla/show_bug.cgi?id=4788),
and I'd like to see it published as a GGF draft.
One comment I'll make is the MyProxy example in the appendix is odd
considering the recommendation elsewhere in the document not to include
proxy certificates in OCSP requests.
> what's the general capability of the myproxy ocsp client, or its
> intended application &c? thanks, ==mwh
In an upcoming MyProxy release, it will be possible to configure the
myproxy-server to check certificate status via OCSP for stored
credentials before delegating a proxy certificate from those
credentials.
-Jim
More information about the caops-wg
mailing list