RE: DISCUSS: MUST reject in OCSPv1
Mike,
> -----Original Message-----
> From: Michael Myers [mailto:mmyers@xxxxxxxxx]
> Sent: Monday, December 15, 2003 9:54 AM
> To: Deacon, Alex; Tom Gindin
> Cc: ietf-pkix@xxxxxxx
> Subject: RE: DISCUSS: MUST reject in OCSPv1
>
>
> > -----Original Message-----
> > From: Deacon, Alex [mailto:alex@xxxxxxxxxxxx]
> > Sent: Monday, December 15, 2003 10:21 AM
> >
> > As I mentioned earlier, it will be important to
> > clarify this case as clients using piggybacked
> > OCSPResponses (such as those implementing the TLS
> > extension) may receive a response that contains a
> > nonce (the one the server generated) even though
> > they did not send one.
>
> Alex,
>
> To be clear, are you referring to server-unilateral nonces?
No.
>
> Or to the fact that a TLS server may have in cache a nonced
> response (retained as a consequence of a prior nonced
> request) that it sends back in the TLS handshake even though
> the TLS client did not supply a nonce in its embedded OCSP request?
Yes...this is what I was referring to.
Alex