Given the discussion generated on the topic of recursion, it seems we should probably assume that in some cases, DPx servers will turn around and behave as DPx clients in response to a given query. Rather than debate the merits of recursion, I would like to suggest the following minor changes in the requirements (to allow a client to specify whether recursion is an acceptable practice, and if so, to what extent):
(1) Change 1.4 to add DPV to the list of acceptable sources of revocation status.
(2) Add a new 1.x clause to allow the client to specify whether recursion of this sort is permitted. This could be either a boolean (to give a simple yes/no answer) or it could be an integer with count-to-zero semantics similar to that of inhibitPolicyMapping in X.509. (One could argue that this could be implied by the policy in clause 1.9, but it seems like something that ought to be made explicit.)
-- Skip Slone
-----Original Message-----
From: Stephen Kent [mailto:kent@xxxxxxx]
Sent: Friday, December 29, 2000 1:25 PM
To: PKIX-List
Subject: DPD & DPV requirementsAs promised, here is the strawman requirements specification for DPV and DPD. Questions that the WG needs to address as part of deciding on the scope of these requirements are in boldface.
[snip]