[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[IETF-PKIX] New Draft for Checking the Status of a Certificate - RCSP
Hi PKIX-land,
This message is to announce the existance of the draft:
"Internet Public Key Infrastructure Real Time Certificate Status
Protocol - RCSP", C. Adams, Ambarish Malpani, Rich Ankney, Slava
Galperin, 03/13/1998. (22007 bytes)
You can find it at:
ftp://ietf.org/internet-drafts/draft-malpani-rcsp-00.txt
It uses ASN.1 and fixes a bunch of other issues with OCSP.
Some of the main fixes are:
- uses ASN.1
- it is independent of the transport layer
- allows checking of multiple certs/cert chains in a single query
- supports multiple response types
- supports a better way of identifying certificates
- talks explicitly about revoked/non-revoked rather than valid/invalid
- clearly identifies who is authorized to respond to requests and
how you can identify responders.
I would like to hear comments about it and people's feeling of
whether this addresses their needs better than OCSP.
Thanks,
Ambarish
--
---------------------------------------------------------------------
Ambarish Malpani
Architect (650) 849-9880
ValiCert, Inc. ambarish@valicert.com
3160 W. Bayshore Road http://www.valicert.com
Palo Alto, CA 94303