[cabfpub] Ballot[80] - BR Response for non-issued certificates
Eddy Nigg (StartCom Ltd.)
eddy_nigg at startcom.org
Mon Jul 23 12:23:33 MST 2012
On 07/23/2012 07:55 PM, From Rick Andrews:
> This gives me another reason to vote against this proposal - it
> doesn't include that statement. If that is your intent (eliminate the
> use of CRL-based OCSP responders) or if that is the practical effect
> of your proposal, I believe it should be spelled out clearly in the
> proposal for all to see and understand.
I think it's absolutely not relevant how or on what (technically) the
OCSP response is based as long as the response is correct. It can be a
combination of different DBs or lists. We would vote against it if it
explicitly states that a CRL can not be used.
I believe the internal technical workings of such a responder has
nothing lost in the guidelines. You may set a policy what it should do
under which circumstances, but that's it.
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cabforum.org/pipermail/public/attachments/20120723/91e7cb5f/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4506 bytes
Desc: S/MIME Cryptographic Signature
Url : http://cabforum.org/pipermail/public/attachments/20120723/91e7cb5f/attachment.bin
More information about the Public
mailing list