Re: LAAP performance issues

[Sean Turner <turners@xxxxxxxx>]

The model in the draft doesn't explicitly restrict the model to be for
the
"never revoke" method in draft-ietf-pkix-ac509prof-01.txt.  Should we
add a new
request and response to support revocation or was it intended to use
OCSP to get
revocation information?

Cheers,

spt

Andy Dowling wrote:

> Hi Stephen, David
>
> some suggestions on LAAP performance:
>
> 1. Batch LAAP requests. Perhaps the LAAPRequestMessage could be replaced
> with
>     a SEQUENCE of LAAPRequestMessage, so that a LRQ could request multiple
> ACs
>     with a single LAAP request? (The LRP would evaluate each
> LAAPRequestMessage
>     in the SEQUENCE individually). This could result in a saving of network
> bandwidth in
>     cases where a large volume of ACs is to be pulled over LAAP.
>
> 2.  Support for a "keep-alive" TCP connection between LRQ and LRP.
>      One problem with this is that, at the socket layer, some LRP
> implementations may
>      timeout the socket after a couple of minutes of inactivity. Perhaps the
> use of a "null"
>      LAAP request could be used in order for the LRQ to force the connection
> to stay
>      alive at the socket layer. This seems like a strange idea, 'cos if the
> LRP supports
>      keep-alives then the LRP will set the to infinite lifetime anyway.
> Nonetheless, comments
>      on this would be appreciated....
>
> Thanks,
>
> Andy
>
> -----
> Andy Dowling
> SSE (A Siemens Company)
> Fitzwilliam Court, Leeson Close,
> Dublin 2, Ireland
>
> E-Mail:  andy.dowling@sse.ie
> Web: http://www.sse.ie
> Phone: +353 1 216 2021
> Fax:   +353 1 216 2082