Uhh, where on earth did this one come from? The previous consensus on the list seemed to be do produce a minimal update with some more workable IDs and CRLDP info as suggested by Denis:
To be more precise, I do not care about the expired OCSP v2 draft, but I care about fixing RFC 2560, while sticking to its original functionality: individual certificate revocation information status check.
Having said that, we should correct the major problem that exists in RFC 2560, which is how the certificate can be defined.
[...]
I agree that, for defining an extension for handling a CRLDP extension
This thing is neither compatible with the previous OCSPv2, nor with what was
discussed on the list... this is more like 2560bis-bis. It seems to be
contrary to everything that was discussed on the list.
- an extension for handling a CRLDP extension has been defined, - in addition to the current way to define a certificate, two new ways have been defined.
The only point is the extension to cover Attribute Certificates, which is rather straightforward.
I already have an OCSPv2 draft done based on the previous discussion on the list, I was just waiting a bit longer to make sure none of the original v2 authors would feel slighted when I posted the new, minimal update to v1.
Peter.