[cabfpub] Non url-encoded OCSP requests using the GET method
Mads Egil Henriksveen
Mads.Henriksveen at buypass.no
Mon Mar 31 08:11:42 UTC 2014
Hi
We have during the last months received a lot of OCSP requests using the GET method where it is questionable whether they satisfy the requirements or not.
RFC 6960 states that:
An OCSP request using the GET method is constructed as follows:
GET {url}/{url-encoding of base-64 encoding of the DER encoding of
the OCSPRequest}
The base-64 encoding may contain reserved characters like "/" and our interpretation is that such reserved characters should be percent-encoded (i.e. "%/") according to RFC 3986.
However, we receive a lot of OCPS requests where this encoding requirements are not satisfied, and we intend to start rejecting such requests.
Has anyone identified this as an issue and what should the recommended behavior be in this case?
Regards
Mads
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20140331/05bb6fc8/attachment-0002.html>
More information about the Public
mailing list