[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [caops-wg] OCSP section 2

To: Olle Mulmo <mulmo@xxxxxxxxxx>
Subject: Re: [caops-wg] OCSP section 2
From: Jesus Luna <jluna@xxxxxxxxxx>
Date: Fri, 03 Jun 2005 16:38:21 +0200
Cc: caops-wg@xxxxxxx
Delivered-to: grdfm-caops-wg-outgoing@mailbouncer.mcs.anl.gov
Delivered-to: grdfm-caops-wg@mailbouncer.mcs.anl.gov
In-reply-to: <127d00c51f9b5bdf1b79b2fe2f2f5ed1@pdc.kth.se>
References: <127d00c51f9b5bdf1b79b2fe2f2f5ed1@pdc.kth.se>
Sender: owner-caops-wg@xxxxxxx
User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

* In section 2 (former section 3) the following text was removed: "Grid’s Virtual Organizations may contain more than one CA, so establishment of OCSP Authorized Responders between them is essential to provide an interoperable service." When we proposed such change we were thinking in the importance of highlighting the co-existence of multiples CAs into the same VO as a practical challenge for Grid OCSP. What do you think?

I don't understand what this text is aiming at. Is it only to establish the fact that we operate in an environment with multiple trust anchors and that these need to be federated through e.g. a PMA, or is there something else between the lines?

"Authorized responders between them"... are you thinking of some cross-certification / bridge scenario?

/Olle

Sorry for the late response but in fact we had a confusion with the concept of "Authorized Responders", so about this point we agree with Olle.

Regards.

--

____________________
Jesus Luna Garcia
PhD Student. Polytechnic University of Catalonia
Barcelona, Spain
jluna@ac.upc.edu

Prev by Date: Re: [caops-wg] OCSP section 4
Next by Date: Re: [caops-wg] OCSP section 7
Previous by thread: Re: [caops-wg] OCSP - proxy certs
Next by thread: Re: [caops-wg] OCSP section 7
Index(es):
- Date
- Thread