RE: DPD & DPV requirements



Mike Myers said:

> The ReqCert syntax of OCSPv2 imports Certificate syntax from X.509, yielding
> a single X.509 certificate in a request.  At this stage, I have no objection
> to amending ReqCert to use CertificateSet syntax defined in RFC 2630 (i.e.
> CMS) to enable a "certificate lump" since the syntax of CertificateSet
> enables specification of a single certificate (although prefaced then by a
> SET OF, but otherwise we're looking at a SEQ OF anyway).  OCSPv2 is already
> requiring linkage to 2630 via import of IssuerAndSerialNumber for
> certificate identification purposes.

I'm confused. Are people saying that the certificate whose path the client
would like to discover or validate is in the unordered lump of certificates
or that a separate lump of certificates may be sent to assist the server? I
thought the latter.

Frank