[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Cached OCSP responses vs. single entry CRLs

To: <ietf-pkix@xxxxxxx>
Subject: Cached OCSP responses vs. single entry CRLs
From: "Carl Wallace" <cwallace@xxxxxxxxxxxx>
Date: Fri, 5 Dec 2003 16:09:01 -0500
Importance: Normal
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

Why use OCSP to convey pre-produced revocation information in the way that's
being discussed?  Why not use single entry CRLs?  The functionality is
similar and they could be propagated using existing technology (e.g.
directories, 3280 compliant path processing clients, etc.).

Follow-Ups:
- RE: Cached OCSP responses vs. single entry CRLs
  - From: Michael Myers

Prev by Date: RE: DISCUSS: MUST reject in OCSPv1
Next by Date: RE: DISCUSS: MUST reject in OCSPv1
Previous by thread: I-D ACTION:draft-ietf-pkix-sha244-00.txt
Next by thread: RE: Cached OCSP responses vs. single entry CRLs
Index(es):
- Date
- Thread