[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IETF-PKIX] OCSP at IETF

To: IETF-PKIX@xxxxxxxxxxxxxxxx
Subject: Re: [IETF-PKIX] OCSP at IETF
From: Michael Myers <mmyers@xxxxxxxxxxxx>
Date: Fri, 17 Apr 1998 08:42:47 -0700
Approved-by: Michael Myers <mmyers@VERISIGN.COM>
Importance: Normal
In-reply-to: <>
Reply-to: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>
Sender: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>

I agree.  In fact, I had some archive language in an earlier draft.  So
shall it be written--as an optional extension.



> -----Original Message-----
> From: IETF X.509-based public key infrastructure mailing list
> [mailto:IETF-PKIX@LISTS.TANDEM.COM]On Behalf Of Jeff Weinstein
> Sent: Friday, April 17, 1998 1:58 AM
> To: IETF-PKIX@LISTS.TANDEM.COM
> Subject: Re: [IETF-PKIX] OCSP at IETF
>
>
> I strongly agree with Stephen on this.  One great value that OCSP
> services could add would be to provide historical as well as current
> revocation information.
>
>         --Jeff
>
> Stephen Farrell wrote:
> >
> > Hi Mike,
> >
> > Not sure if this needs a change, but...
> >
> > Part 1 now has a time input to the cert validation
> > algorithm (the time at which the cert should have been/be
> > valid).
> >
> > If OCSP is to fit seamlessly into this algorithm then you'll
> > need an extension to the request so that the response doesn't
> > refer to the current time, but to the time which was input
> > to the cert validation alg.
> >
> > Regards,
> > Stephen.
>

References:
- Re: [IETF-PKIX] OCSP at IETF
  - From: Jeff Weinstein

Prev by Date: Re: [IETF-PKIX] OCSP Status Information on a Certificate
Next by Date: [IETF-PKIX] I-D ACTION:draft-ietf-pkix-opp-ftp-http-03.txt
Previous by thread: Re: [IETF-PKIX] OCSP at IETF
Next by thread: Re: [IETF-PKIX] OCSP at IETF
Index(es):
- Date
- Thread