From: Phillip Hallam-Baker <[email protected]> Date: Wednesday, June 5, 2013 1:45 PM
<snip> >> > I thought we were talking about the CAs... > > For the Clients I would expect the situation to be binary, either they support > a feature or not. If they support direct delta CRLs and indirect but not > indirect deltas we are in trouble. You can limit the scope to CAs and identify the same subset of possibilities which could be used to prune what (new) implementations ought to be required to support. Maybe a taxonomy is not required and simply asking on a per feature basis is good enough. The combinations can get pretty nasty though. > <snip> >> Another good question. > > Easy to say what we think they should do in that one situation. But there are > many corner cases that the clients have to support. > > Very easy to assume that we know the answers. I think we can safely say that nothing in a mass market trust anchor store ought to be configured by default such that subordinate OCSP responders can issue responses for any CA.
_______________________________________________ wpkops mailing list [email protected] https://www.ietf.org/mailman/listinfo/wpkops
