ocsp requirements n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
OCSP Requirements PowerPoint Presentation
Download Presentation
OCSP Requirements

Loading in 2 Seconds...

play fullscreen
1 / 6

OCSP Requirements - PowerPoint PPT Presentation


  • 136 Views
  • Uploaded on

OCSP Requirements. GGF13. Refreshener. OCSP = Online Certificate Status Protocol (RFC2560) Removes(?) burden of CRL distribution and update Clients still have to do path validation! Lightweight request/response (HTTP). Changes since last time. Document “finish” applied

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'OCSP Requirements' - alyn


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
refreshener
Refreshener
  • OCSP = Online Certificate Status Protocol (RFC2560)
  • Removes(?) burden of CRL distribution and update
  • Clients still have to do path validation!
  • Lightweight request/response (HTTP)
changes since last time
Changes since last time
  • Document “finish” applied
    • Missing sections added
    • Complete reformat
    • Corrections based on (marginal) feedback
  • Last week
    • Additional comments from Spain
updated architecture
Updated architecture

Periodic CRL download

OCSP protocol

CA

Push, Delta CRLs

site/organization boundary

CA

CA

OCSPcache

CRLcache

OCSPclient

AuthorizedResponder

TrustedResponder

CA

OCSP

client

CA

CA

CA

CA

PMA

TrustedResponder

outstanding issues
Outstanding issues
  • Signed requests
  • Stronger differentiation on suspension vs revocation
  • Use of OCSP response extensions to convey additional (validation) information
  • More wording on Delta CRLs
  • Notion of a caution period (RFC3125)
moving forward
Moving forward
  • Address the Spanish contributions
  • Move towards WG last call
  • Have document in public comment before GGF14