Re: response to unauthorized OCSP reques
This is also how I interpreted sigRequired.
Current definition:
"The response sigRequired is returned in cases where the server requires
the client *to* sign the request in order to construct a response"
(I also do believe that the word *to*, marked above, is missing in the spec)
/Stefan
At 10:39 AM 8/11/98 +0200, Andreas Berger wrote:
>Graham Bland wrote:
>>
>> There is a sigRequired error response which specifically covers this
>> situation.
>I interpreted it as: A requester sends an unsigned request. The OCSP
>responder does not want to act on this request, since it is unsigned.
>Therefore it answers with sigRequired, advising the requester to
>re-issue the request but this time signed.
>
>An unauthorized request sounds sensible to me. It can also be used if
>the responder bases its decision not to serve the request on other data
>(i.e. the request is unsigned).
>
>Andreas
>--
>Fifty-three percent of Fortune 1000 executives think the
>Arch Deluxe is something that helps to run a computer.
>-- Jericho Communications
>
>
-------------------------------------------------------------------
Stefan Santesson <stefan@accurata.se>
Accurata Systemsäkerhet AB
Lotsgatan 27 D Tel. +46-40 152211
216 42 Malmö Fax. +46-40 150790
Sweden Mobile +46-70 5247799
PGP fingerprint: 89BC 6C79 5B3D 591B 8547 1512 7D11 DBF4 528F 29A0
-------------------------------------------------------------------