- From: <spouliot@motus.com>
- Date: Mon, 25 Nov 2002 09:56:55 -0500
- To: Frederick.Hirsch@nokia.com
- Cc: www-xkms@w3.org, www-xkms-request@w3.org
> In brief - support for the OCSP KeyInfo format is MAY, but the XKMS
specification MUST define the OCSP format.
This is exactly was what I had in mind when I modified this requirement.
Regards,
--------------------------------------------------------------
Sébastien Pouliot
Architecte Sécurité / Security Architect
Motus Technologies
tel: 418 521 2100 ext 307
fax: 418 521 2101
courriel / email: spouliot@motus.com
Frederick.Hirsch
@nokia.com Pour : <www-xkms@w3.org>
Envoyé par : cc :
www-xkms-request Objet : OCSP rqmt agreed?
@w3.org
2002-11-22 09:18
I believe from the discussion on the teleconference that we are agreed that
the wording on the requirement
reqarding OCSP is acceptable.
Currently the requirement 2.5.4 [1] states that
"The following KeyInfo formats MUST be supported: KeyName, KeyValue, and
RetrievalMethod.The X509Certificate KeyInfo format MUST be supported by a
trust server if the service claims interoperability with PKIX X.509.
Additional KeyInfo formats such as X509Chain, OCSP, and X509CRL MAY be
supported. X509Chain and OCSP MUST be defined in the XKMS specifications.
X509CRL is defined in the XML Signature recommendation.The XKMS
registration Private format MUST be supported if the service supports
either service generated key pairs or key recovery.[List(Sebastien
Pouliot)]"
In brief - support for the OCSP KeyInfo format is MAY, but the XKMS
specification MUST define the OCSP format.
br, Frederick
[1] http://www.w3.org/2001/XKMS/Drafts/xkms-req.html
---------------------------------------
Frederick Hirsch
Technology Architect
Nokia Mobile Phones
5 Wayside Rd., Burlington, MA 01803 USA
frederick.hirsch@nokia.com
Received on Monday, 25 November 2002 09:56:01 UTC