Re: Matching CertIDs between OCSP requests and responses

Jeff Jacoby <jjacoby@rsasecurity.com> Tue, 20 March 2001 16:23 UTC

Message-ID: <3AB78286.47AD9B97@rsasecurity.com>
Date: Tue, 20 Mar 2001 08:17:10 -0800
From: Jeff Jacoby <jjacoby@rsasecurity.com>
Organization: RSA Security, Inc.
To: ietf-pkix@imc.org
Subject: Re: Matching CertIDs between OCSP requests and responses
References: <OF6716DD6D.38ACC6D3-ON80256A14.0060A5DA@Symbian.com>

Jonathan,

[some snippage]

Reading both 2560 and the draft for v2, I see this regarding DER
encoding:

 1. Before calculating hashes and signatures, DER is specified in
    various sections

 2. In section 4.1.1 Request Syntax, aside from items noted in 1. above,
    there is no other mention of a DER encoding requirement for requests
    or any part of the request

 3. In section 4.2.1 ASN.1 Specification of the OCSP Response, there is
    an explicit statement that DER shall be used for encoding of
    BasicOCSPResponse

 4. Appendix A OCSP over HTTP, there are explicit statements that DER is
    to be used (but no use of "SHALL" or "MUST") for both request and
    responses

On point 3 alone -- and this may show off my ignorance of ASN.1 -- does
saying that BasicOCSPResponse must be DER encoded ALSO mean all
subordinate components must be DER encoded as well?

On points 2 and 4 together, it seems that if I use another transport
protocol I'm allowed to encode my requests in BER.  Is this right?

Jeff
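
An added illustration, not part of this message or of RFC 2560: the sketch below shows why the DER/BER distinction matters if a requester matches CertIDs by comparing encoded bytes (that comparison method is an assumption). The sample bytes are constructed and are not a real CertID, and `parse` checks only the length-form rules of DER, not every DER constraint.

```python
# Constructed sample: SEQUENCE { OCTET STRING 01 02 03, INTEGER 5 }
DER_FORM = bytes.fromhex("30080403010203020105")
# Same value, but the inner OCTET STRING uses a long-form length (81 03),
# which BER permits and DER forbids for lengths below 128.
BER_FORM = bytes.fromhex("3009048103010203020105")

def parse(buf):
    """Decode all TLVs in buf (single-octet tags only).

    Returns (values, der): der is False if any TLV, at any nesting depth,
    uses a length form that DER forbids.
    """
    pos, values, der = 0, [], True
    while pos < len(buf):
        tag, first = buf[pos], buf[pos + 1]
        pos += 2
        if first < 0x80:                      # short form, always minimal
            length = first
        elif first == 0x80:
            raise ValueError("indefinite length not handled in this sketch")
        else:                                 # long form: next n octets hold the length
            n = first & 0x7F
            length = int.from_bytes(buf[pos:pos + n], "big")
            # DER: long form only for length >= 128, with no leading zero octet
            if length < 0x80 or buf[pos] == 0:
                der = False
            pos += n
        content = buf[pos:pos + length]
        if len(content) != length:
            raise ValueError("truncated TLV")
        pos += length
        if tag & 0x20:                        # constructed: recurse into components
            content, inner_der = parse(content)
            der = der and inner_der
        values.append((tag, content))
    return values, der

if __name__ == "__main__":
    der_values, der_ok = parse(DER_FORM)
    ber_values, ber_ok = parse(BER_FORM)
    print("same decoded value:", der_values == ber_values)
    print("same bytes:        ", DER_FORM == BER_FORM)
    print("DER lengths (first, second):", der_ok, ber_ok)
```

The outer SEQUENCE of the second encoding has a DER-valid length on its own; only the recursion into its components reveals the non-DER form.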