Online Certificate Revocation Protocol

[Massimiliano Pala <madwolf@xxxxxxxxxx>]

Hi all,

I am in search of some help and suggestions about certificate revocation. The
problem is that, as far as I know, no rfc covers a possible online revocation
protocol to be used to revoke a certificate.

The model I am thinking of is request-response oriented and, depending on
the policy adopted by the corresponding CA, permits a user/router/etc... to
ask for revocation of a certificate. This can help environments where
certificates from different vendors are used and we want to be able to ask
for revocation without having to follow different procedures for different
CSP -- additional steps could/shall, depending on the policy adopted,
be taken to accomplish the revocation process.

Has my problem a solution yet ??? Or can I work on a proposal to be
submitted for comments and reviews ???

Looking forwards for comments.

-- 

Best Regards,

	Massimiliano Pala

--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager]                madwolf@xxxxxxxxxx
                                                     madwolf@xxxxxxxxxxxxxxx
http://www.openca.org                            Tel.:   +39 (0)59  270  094
http://openca.sourceforge.net                    Mobile: +39 (0)347 7222 365