Re: Matching CertIDs between OCSP requests and responses
Jeff Jacoby <jjacoby@rsasecurity.com> Tue, 20 March 2001 16:23 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id LAA11885 for <pkix-archive@odin.ietf.org>; Tue, 20 Mar 2001 11:23:56 -0500 (EST)
Received: from localhost by above.proper.com (8.9.3/8.9.3) with SMTP id IAA01861; Tue, 20 Mar 2001 08:23:18 -0800 (PST)
Received: by mail.imc.org (bulk_mailer v1.12); Tue, 20 Mar 2001 08:23:07 -0800
Received: from tholian.securitydynamics.com (mail.rsasecurity.com [204.167.112.129]) by above.proper.com (8.9.3/8.9.3) with SMTP id IAA01817 for <ietf-pkix@imc.org>; Tue, 20 Mar 2001 08:23:06 -0800 (PST)
Received: from sdtihq24.securid.com by tholian.securitydynamics.com via smtpd (for mail.imc.org [208.184.76.43]) with SMTP; 20 Mar 2001 16:20:58 UT
Received: from tuna.rsa.com (tuna.rsa.com [10.80.211.153]) by sdtihq24.securid.com (Pro-8.9.3/Pro-8.9.3) with ESMTP id LAA23508 for <ietf-pkix@imc.org>; Tue, 20 Mar 2001 11:23:06 -0500 (EST)
Received: from rsasecurity.com ([10.81.217.242]) by tuna.rsa.com (8.8.8+Sun/8.8.8) with ESMTP id IAA25138 for <ietf-pkix@imc.org>; Tue, 20 Mar 2001 08:25:47 -0800 (PST)
Message-ID: <3AB78286.47AD9B97@rsasecurity.com>
Date: Tue, 20 Mar 2001 08:17:10 -0800
From: Jeff Jacoby <jjacoby@rsasecurity.com>
Organization: RSA Security, Inc.
X-Mailer: Mozilla 4.75 [en] (WinNT; U)
X-Accept-Language: en
MIME-Version: 1.0
To: ietf-pkix@imc.org
Subject: Re: Matching CertIDs between OCSP requests and responses
References: <OF6716DD6D.38ACC6D3-ON80256A14.0060A5DA@Symbian.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
Content-Transfer-Encoding: 7bit
Jonathan, [some snippage] Reading both 2560 and the draft for v2, I see this regarding DER encoding: 1. Before calculainting hashs and signatures DER is specified in various sections 2. In section 4.1.1 Request Syntax, aside from items noted in 1. above, there is no other mention of a DER encoding requirment for requests or any part of the request 3. In section 4.2.1 ASN.1 Specification of the OCSP Response, there is an explicit statement that DER shall be used for encoding of BasicOCSPResonse 4. Appendix A OCSP over HTTP, there are explicit statements that DER is to be used (but no use of "SHALL" or "MUST") for both request and responses On point 3 alone -- and this may show off my ignorance of ASN.1 -- does saying that BasicOCSPResponse must be DER encoded ALSO mean all subbordinate components must be DER encoded as well? On points 2 and 4 together, it seems that if I use another transport protocol I'm allowed to encode my requests in BER. Is this right? Jeff
- Matching CertIDs between OCSP requests and respon… Jonathan.Tuliani
- RE: Matching CertIDs between OCSP requests and re… Michael Myers
- RE: Matching CertIDs between OCSP requests and re… Jonathan.Tuliani
- Re: Matching CertIDs between OCSP requests and re… Peter Gutmann
- Re: Matching CertIDs between OCSP requests and re… Jonathan.Tuliani
- Re: Matching CertIDs between OCSP requests and re… Peter Gutmann
- Re: Matching CertIDs between OCSP requests and re… Jonathan.Tuliani
- RE: Matching CertIDs between OCSP requests and re… Jonathan.Tuliani
- RE: Matching CertIDs between OCSP requests and re… Peter Gutmann
- RE: Matching CertIDs between OCSP requests and re… Ambarish Malpani
- RE: Matching CertIDs between OCSP requests and re… Michael Myers
- Re: Matching CertIDs between OCSP requests and re… Dr S N Henson
- RE: Matching CertIDs between OCSP requests and re… Ambarish Malpani
- RE: Matching CertIDs between OCSP requests and re… Grant, Alistair
- Re: Matching CertIDs between OCSP requests and re… Jeff Jacoby
- Re: Matching CertIDs between OCSP requests and re… Jonathan.Tuliani
- Re: Matching CertIDs between OCSP requests and re… Jeff Jacoby
- Re: Matching CertIDs between OCSP requests and re… Jonathan.Tuliani
- Re: Matching CertIDs between OCSP requests and re… Peter Gutmann
- some thoughts re DPD and DPV Stephen Kent
- RE: some thoughts re DPD and DPV Michael Myers
- Re: some thoughts re DPD and DPV Paul Hoffman / IMC
- Re: some thoughts re DPD and DPV Liaquat Khan
- RE: some thoughts re DPD and DPV Carlin Covey
- RE: some thoughts re DPD and DPV Carlin Covey
- Re: some thoughts re DPD and DPV Liaquat Khan
- Re: some thoughts re DPD and DPV Denis Pinkas
- Re: some thoughts re DPD and DPV Stephen Farrell
- Re: some thoughts re DPD and DPV Denis Pinkas
- Re: some thoughts re DPD and DPV Stephen Farrell
- Re: some thoughts re DPD and DPV Denis Pinkas
- Re: some thoughts re DPD and DPV Stephen Farrell
- RE: some thoughts re DPD and DPV Carlin Covey
- RE: some thoughts re DPD and DPV Carlin Covey
- Re: some thoughts re DPD and DPV Denis Pinkas
- Re: some thoughts re DPD and DPV Stephen Kent
- RE: some thoughts re DPD and DPV Stephen Kent
- Re: some thoughts re DPD and DPV Paul Hoffman / IMC
- Re: some thoughts re DPD and DPV Stephen Kent
- RE: some thoughts re DPD and DPV Stephen Kent
- Re: some thoughts re DPD and DPV Stephen Kent
- Re: some thoughts re DPD and DPV Paul Hoffman / IMC
- Re: some thoughts re DPD and DPV Stephen Kent
- slides anyone Stephen Kent