RE: DPD & DPV requirements - Let us Recurse
Peter and Kent,
I second Peter's strawman proposal.
-----Original Message-----
From: Peter Sylvester [mailto:Peter.Sylvester@xxxxxxxxxx]
Sent: Wednesday, January 10, 2001 12:07 PM
To: Peter.Sylvester@xxxxxxxxxx; kent@xxxxxxx
Cc: ietf-pkix@xxxxxxx
Subject: RE: DPD & DPV requirements - Let us Recurse
<snip>
[Peter]
A strawman proposal:
A server should have the ability to return in the response
a rather limited set of well-known protocol elements, certs,
CRLs, OCSP response, pkistatus, DPV response, at least those
that it had used to make up its decision or which it wishes
to communicate to the client for whatever reason.
[Carlin]
If a DPD server can't return an embedded DPD response from
another DPD server, then the first DPD server has more
constraints on forming a valid certificate path than a DPV
server would have. (Presumably a DPV server could consult a
DPD server to collect path validation information.)