we need explicit schema support (in Signature 1.1) for explicit OCSP
responses, for the latter a processing rule in widgets signature may
be enough. Perhaps this does not need to be required must in the
widgets spec, depends on requirements.
Mark, I believe you mentioned you have additional thoughts on these
requirements.
regards, Frederick
Frederick Hirsch
Nokia
On Feb 4, 2009, at 3:49 PM, ext Thomas Roessler wrote:
On 4 Feb 2009, at 21:45, Arthur Barstow wrote:
* Is supporting OCSP and CRL a MUST for v1?
Just for clarity, there are two possible requirements around OCSP and
CRLs:
- support embedding an OCSP response (or a CRL, or a link to a CRL)
in the mark-up of signatures
- support querying OCSP responders (and CRLs) as part of certificate
validation
I'd argue that the latter is more important than the former.
--
Thomas Roessler, W3C <[email protected]>
