[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RV: [caops-wg] Re: Grid OCSP proposal
- To: Oscar Manso <o.manso@certiver.com>
- Subject: Re: RV: [caops-wg] Re: Grid OCSP proposal
- From: Milan Sova <sova@cesnet.cz>
- Date: Fri, 29 Apr 2005 13:46:02 +0200
- Cc: caops-wg@ggf.org
- Delivered-to: grdfm-caops-wg-outgoing@mailbouncer.mcs.anl.gov
- Delivered-to: grdfm-caops-wg@mailbouncer.mcs.anl.gov
- In-reply-to: <20050321104801.DFC1812B24@mailbouncer.mcs.anl.gov>
- References: <20050321104801.DFC1812B24@mailbouncer.mcs.anl.gov>
- Sender: owner-caops-wg@ggf.org
- User-agent: Mozilla Thunderbird 0.6 (X11/20040530)
Hello.
The discussion has been a little quiet for some time.
I'm including a new version of the document. Here are some comments:
-- I've removed several occurrences of "suspend" and "suspended" basicly
in contexts like "revoked and suspended". IMO suspension is just a
special case of revocation.
-- Section 2, p.2
removed redundant "or invalidated" from "revoked or invalidated" in
-- corrected spelling of "openssl" to "OpenSSL" throughout the
document
-- removed (mostly my) comments from the document
-- Section 3, p.3:
Removed point about "establishing of authorized OCSP responders
between Grid CAs" being the way to achieve interoperability and
"trust relationships among Grid PKIs"
- it didn't make much sense to me
-- Section 3, p.3:
Removed point making requirements on the OCSP service provider
- I think it belongs into "Requirements" section.
-- Section 5.4, p.5:
crosslink to Section 4
removed "Another Responder discovery solution consist of
configuring a Global OCSP Redirector per domain in charge of
redirecting the relying party's OCSP request according to specified
parameters (i.e. OCSP load, network traffic, availability, etc.)."
- it is just a special case of a local trusted responder.
-- Section 5.7
"Revoked with status Suspended or OnHold"
-> "...with revocationReason certificateHold..."
-- Section 6.2
Crosslink to Section 4
-- Section 6.6
reverted the section back to Olle's version. The modified version
did not make much sense to me
-- Section 10
is empty - I didn't succeed to persuade my OpenOffice to get rid of
it ;(
-- Section 11
I'm not sure whether the statement of OCSP policies and Grid
Services fits inot the document spirit...
-- Section 14
replaced the Authorized Responder definition by a citation form
RFC2560
- are we really going to have a Definitions section? If so, it
would probably look better if we include some more of them ;)
Regards
--
Milan Sova
sova@cesnet.cz
Attachment:
OCSP_Requirements_for_Grids_ms.doc
Description: MS-Word document
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature