[cabfpub] Ballot[80] - BR Response for non-issued certificates

Eddy Nigg (StartCom Ltd.) eddy_nigg at startcom.org
Mon Jul 23 19:23:33 UTC 2012


On 07/23/2012 07:55 PM, From Rick Andrews:
> This gives me another reason to vote against this proposal - it 
> doesn't include that statement. If that is your intent (eliminate the 
> use of CRL-based OCSP responders) or if that is the practical effect 
> of your proposal, I believe it should be spelled out clearly in the 
> proposal for all to see and understand.

I think it's absolutely not relevant how or on what (technically) the 
OCSP response is based as long as the response is correct. It can be a 
combination of different DBs or lists. We would vote against it if it 
explicitly states that a CRL can not be used.

I believe the internal technical workings of such a responder has 
nothing lost in the guidelines. You may set a policy what it should do 
under which circumstances, but that's it.

Regards
Signer: 	Eddy Nigg, COO/CTO
	StartCom Ltd. <http://www.startcom.org>
XMPP: 	startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: 	Join the Revolution! <http://blog.startcom.org>
Twitter: 	Follow Me <http://twitter.com/eddy_nigg>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20120723/91e7cb5f/attachment-0004.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4506 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20120723/91e7cb5f/attachment-0002.p7s>


More information about the Public mailing list