
RE: OCSP response pre-production



> - re-assert that it is not conformant to RFC2560 to send back a response
> without a nonce to a request requiring a nonce (it might change in OCSPv2)

The RfC states: "[A request includes] [...] optional extensions which
MAY be processed by the OCSP Responder". With the clear definition of
MAY according to RfC 2119:

5. MAY   This word, or the adjective "OPTIONAL", mean that an item is
   truly optional.  One vendor may choose to include the item because a
   particular marketplace requires it or because the vendor feels that
   it enhances the product while another vendor may omit the same item.
   An implementation which does not include a particular option MUST be
   prepared to interoperate with another implementation which does
   include the option, though perhaps with reduced functionality. In the
   same vein an implementation which does include a particular option
   MUST be prepared to interoperate with another implementation which
   does not include the option (except, of course, for the feature the
   option provides.)

When writing such an informational RfC we also have to clarify that
extension processing is not optional anymore with this change (as every
responder MUST detect a nonce).

-- 
Florian Oelmaier
SyTrust
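
The interoperability point in this message, seen from the client side, as an added example that is not part of the original post: a relying party that sends a nonce must still be prepared for a responder that ignores the extension (for instance, one serving pre-produced responses), and then falls back to the thisUpdate/nextUpdate window. The names `OcspResponseView` and `check_response`, the skew and age limits, and the policy flag are hypothetical; the sketch assumes the response signature was already verified and its fields parsed.

```python
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass
class OcspResponseView:
    """Fields taken from an already signature-verified OCSP response."""
    nonce: Optional[bytes]            # None if the responder omitted the extension
    this_update: datetime
    next_update: Optional[datetime]   # optional in the response


def check_response(request_nonce: Optional[bytes], resp: OcspResponseView,
                   now: datetime, allow_missing_nonce: bool = True,
                   skew: timedelta = timedelta(minutes=5),
                   max_age: timedelta = timedelta(days=1)) -> str:
    """Return 'fresh-nonce' or 'fresh-time'; raise ValueError on rejection."""
    # The validity window is checked whether or not a nonce is present.
    if resp.this_update - skew > now:
        raise ValueError("thisUpdate is in the future")
    if resp.next_update is not None and now > resp.next_update + skew:
        raise ValueError("nextUpdate has passed")

    # Nonce sent and echoed: it must match exactly (constant-time compare).
    if request_nonce is not None and resp.nonce is not None:
        if not hmac.compare_digest(request_nonce, resp.nonce):
            raise ValueError("nonce mismatch")
        return "fresh-nonce"

    # Nonce sent but not echoed: the responder treated the extension as
    # optional. Local policy decides whether that is acceptable.
    if request_nonce is not None and not allow_missing_nonce:
        raise ValueError("nonce requested but not returned")

    # No nonce binding: freshness rests on time alone, so bound the age
    # when the responder gave no nextUpdate.
    if resp.next_update is None and now - resp.this_update > max_age:
        raise ValueError("no nextUpdate and thisUpdate too old")
    return "fresh-time"


if __name__ == "__main__":
    # Constructed sample: a pre-produced response without a nonce.
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    pre = OcspResponseView(None, now - timedelta(hours=2), now + timedelta(hours=22))
    print(check_response(b"\x01\x02\x03\x04", pre, now))
```

Setting `allow_missing_nonce=False` models a client that treats the nonce as mandatory, which is the case where a responder that does not process extensions stops interoperating.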