Re: RespondWith and OCSP

Hi Tommy,
 
Point well made.  
In the DSig Spec [1] there is no reference to PKIX OCSP Token.  Hence, this is the text that I am planning to add in the corresponding description:
 
"A new ds:X509DataType element of type base64Binary value is expected in the response value of <ds:X509Data>."
 
Another mistake that I saw in the spec was 2 rows above: instead of QName "X509Cert" it must be "X509Certificate".
 
[1] http://www.w3.org/TR/xmldsig-core/#sec-X509Data


tommy lindberg <lindberg_tommy@hotmail.com> wrote:


I understand the RequestAbstractType.RespondWith elements indicate what data 
items the requestor is interested in receiving in a result message and that 
a service is encouraged to honor these indications to the best of its 
ability.

Section 3.2.3 Element has a table that is pretty much clear 
except for the row that contains the following:

    OCSP    PKIX OCSP token that validates an X509v3 certificate that
            authenticates the key

If the "PKIX OCSP token" is a quantity that the service is meant to Respond 
With then what form does it take?

If the intent is to communicate a DER encoded OCSP ASN.1 type back to the 
requestor, should that not be specified in XKMS along with the markup that 
would carry it - presumably a new ds:X509DataType element of type 
base64Binary?

Or should this row be in the aforementioned table in the first place?

Regards
Tommy




		

Received on Thursday, 2 September 2004 03:34:52 UTC