Re: [TLS] OCSP Stapling in RFC 6066

Jeremy Harris <jgh@wizmail.org> Fri, 13 February 2015 10:44 UTC

To: "Fries, Steffen" <steffen.fries@siemens.com>, "mrex@sap.com" <mrex@sap.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/u63pFnHiOiJswYPuKY2So4Bb8f8>
Cc: "tls@ietf.org" <tls@ietf.org>

On 13/02/15 09:58, Fries, Steffen wrote:
> To be frank, I checked RFC 6961 before but did not mention it in my initial request. I did not see the option to also use the extension to transmit the OCSP information for the client certificate. Hence the question regarding applying the extension via the generic extensions mechanism.

Indeed; it's just the support for status on the entire chain I'm
suggesting, not the mechanism.
-- 
Cheers,
  Jeremy