[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Major comments on OCSP (and LDAP Sec

To: "'Alan Lloyd'" <Alan.Lloyd@xxxxxxxxxxxxxxxxxxxx>
Subject: RE: Major comments on OCSP (and LDAP Sec
From: Anders Rundgren <anders.rundgren@xxxxxxxxx>
Date: Fri, 14 Aug 1998 10:20:34 +0200
Cc: "'Stefan Santesson'" <stefan@xxxxxxxxxxx>, "'ietf-pkix@xxxxxxx '" <ietf-pkix@xxxxxxx>, "'Mike Myers'" <mmyers@xxxxxxxxxxxx>, "'Ambarish Malpani'" <ambarish@xxxxxxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxx

Hi Alan,
I basically agree to what you are saying on a technical basis.  Due to lack
of conformance and goals of different organizations I don't believe that
global X500 directories will ever happen except (maybe) for a few very specific 
100% standardized certificates of commercial interest.

My solution to this situation is an upgraded OCSP++ system:

http://www.jaybis.com/specifications/pkix/ocsp.html

This is IMO what could easily have been squeezed into V1.0.  Now I suspect OCSP 1.0 will
be short-lived, not particularly interoperable (lots of things are variable and suspect to interpretation), and offer too little.

Anders Rundgren
Senior Internet E-commerce Architect

Prev by Date: Re: ldapv2-schema and CA Certificates
Next by Date: Re: ldapv2-schema and CA Certificates
Previous by thread: RE: Major comments on OCSP (and LDAP Sec
Next by thread: RE: Major comments on OCSP (and LDAP Sec
Index(es):
- Date
- Thread