A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : OCSP over DNS (ODIN)
Author : Massimiliano Pala
Filename : draft-pala-odin-00.txt
Pages : 7
Date : 2016-04-08
Abstract:
With the increase number of protocols and applications that rely on
digital certificates to authenticate either the communication channel
(TLS) or the data itself (PKIX), the need for providing an efficient
revocation system is paramount. Although the Online Certificate
Status Protocol (OCSP) allows for efficient lookup of the revocation
status of a certificate, the distribution of this information via
HTTP or HTTPS is not particularly efficient for high volume websites
without incurring in high distribution costs (e.g., CDN).
This draft describes how to provide pre-signed OCSP responses via the
DNS system in order to leverage its distributed nature and, therefore
lowering operational costs for Certification Authorities.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-pala-odin/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-pala-odin-00
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
