RE: DISCUSS: MUST reject in OCSPv1
> -----Original Message-----
> From: Deacon, Alex [mailto:alex@xxxxxxxxxxxx]
> Sent: Monday, December 15, 2003 10:21 AM
>
> As I mentioned earlier, it will be important to
> clarify this case as clients using piggybacked
> OCSPResponses (such as those implementing the TLS
> extension) may receive a response that contains a
> nonce (the one the server generated) even though
> they did not send one.
Alex,
To be clear, are you referring to server-unilateral nonces?
Or to the fact that a TLS server may have in cache a nonced
response (retained as a consequence of a prior nonced request)
that it sends back in the TLS handshake even though the TLS
client did not supply a nonce in its embedded OCSP request?
Mike