Re: [TSP] PKIStatus constants clarification

[tho <thomas.fossati@xxxxxx>]

Denis,

On Wed, Dec 18, 2002 at 05:00:20PM +0100, Denis Pinkas wrote:
> > - revocationWarning(4) 
> >   The text says - pasting from rfc2510 -: "this message contains
> >   a warning that a revocation is imminent.". 
> >   Well, but revocation of what ?
> 
> of the TSU certificate.
> 
> > - revocationNotification(5)
> >   Again, revocation of what ? 
> 
> of the TSU certificate.
> 
> >   Seemingly this could refer to the 
> >   signing certificate, but how can I tell which certificate is 
> >   since there is no means to identify it ?
> 
>     Extract from RFC 3161: " The certificate identifier (ESSCertID) of the
>     TSA certificate MUST be included as a signerInfo attribute inside a
>     SigningCertificate attribute."

rfc3161 says:

  "When the status contains the value zero or one, a TimeStampToken MUST
   be present.  When status contains a value other than zero or one, a
   TimeStampToken MUST NOT be present."

so in case of rejection(2), waiting(3), revocationWarning(4) and
revocationNotification(5) the client has no ESSCertID back...


Thomas