[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: multiple digitale signatures

To: Sönke Maseberg <maseberg@xxxxxxxxxxxxxxxx>
Subject: Re: multiple digitale signatures
From: Juergen Brauckmann <brauckmann@xxxxxxxxxxxxxx>
Date: Tue, 20 Feb 2001 08:36:20 +0100
Cc: pkix <ietf-pkix@xxxxxxx>
References: <>

Hi.

Sönke Maseberg wrote:
> 1. multiple digital signatures
> we would  like to extend OCSP responses [RFC 2560] and CRLs (Certificate
> and CRL Profile) [<draft-ietf-pkix-new-part1-04.txt>] with multiple
> digital signatures in the following manner:

Why do you want to do that? If a client has an old OCSP response with an
expired algorithm, then the client could simply request a new OCSP
response.

If the old OCSP response is that important that you must reuse it, then
you may use timestamps.

I think it would be a big performance burden on the OCSP responder if it
would be forced to sign the response multiple times.

Regards,
   Juergen

Follow-Ups:
- Re: multiple digitale signatures
  - From: Soenke Maseberg

References:
- multiple digitale signatures
  - From: Sönke Maseberg

Prev by Date: Re: Algorithm revocation
Next by Date: Re: WG Last Call: Son-of-2459
Previous by thread: multiple digitale signatures
Next by thread: Re: multiple digitale signatures
Index(es):
- Date
- Thread