Hi Philipp,
it is on my todo list to update the OCSP code. The current plan is to use the
new LibPKI library to simplify the crypto code. Anyhow, as you pointed out,
the current version does not support the GET {url}/{request} as usually all
the clients I tested it with used the POST method (which has to be used anyway
if the request is bigger than 255 bytes).I wil add it to the TODO list. After the release of the 1.0.0 version I shall start working on the OCSPD. Later, Max Philipp H. v. Loewenfeld wrote:
Hi, CAcert operates an OCSP responder based on OpenCA's. Currently OCSP requests to CAcert's responder <http://ocsp.cacert.org/> by Opera fail. The CAcert people referred this question to OpenCA since this is, where the code comes from. The people from Opera guess that the responder does not comply with RFC 2560 sec. A.1.1, specifically the part about GET requests for OCSP. If this guess is correct, could it be repaired? Otherwise: what could be the problem?
--
Best Regards,
Massimiliano Pala
--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
[EMAIL PROTECTED]
Dartmouth Computer Science Dept Home Phone: +1 (603) 397-3883
PKI/Trust - Office 063 Work Phone: +1 (603) 646-9179
--o------------------------------------------------------------------------
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ OpenCA-Devel mailing list OpenCA-Devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-devel
