Online Certificate Status Protocol (OCSP) Extensions to IKEv2
draft-myers-ikev2-ocsp-05
Revision differences
Document history
| Date | Rev. | By | Action |
|---|---|---|---|
|
2012-08-22
|
05 | (System) | post-migration administrative database adjustment to the No Objection position for Jari Arkko |
|
2006-11-14
|
05 | (System) | IANA Action state changed to Waiting on RFC Editor from RFC-Ed-Ack |
|
2006-11-13
|
05 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on Authors |
|
2006-11-10
|
05 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
|
2006-11-08
|
05 | (System) | Request for Early review by SECDIR is assigned to Bernard Aboba |
|
2006-11-08
|
05 | (System) | Request for Early review by SECDIR is assigned to Bernard Aboba |
|
2006-11-03
|
05 | Amy Vezza | State Changes to RFC Ed Queue from Approved-announcement sent by Amy Vezza |
|
2006-11-01
|
05 | Amy Vezza | IESG state changed to Approved-announcement sent |
|
2006-11-01
|
05 | Amy Vezza | IESG has approved the document |
|
2006-11-01
|
05 | Amy Vezza | Closed "Approve" ballot |
|
2006-10-26
|
05 | Russ Housley | State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Russ Housley |
|
2006-10-25
|
05 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
|
2006-10-25
|
05 | (System) | New version available: draft-myers-ikev2-ocsp-05.txt |
|
2006-09-29
|
05 | (System) | Removed from agenda for telechat - 2006-09-28 |
|
2006-09-28
|
05 | Amy Vezza | State Changes to IESG Evaluation::Revised ID Needed from IESG Evaluation by Amy Vezza |
|
2006-09-28
|
05 | Jari Arkko | [Ballot Position Update] Position for Jari Arkko has been changed to No Objection from Discuss by Jari Arkko |
|
2006-09-28
|
05 | Bill Fenner | [Ballot Position Update] New position, No Objection, has been recorded by Bill Fenner |
|
2006-09-28
|
05 | Jon Peterson | [Ballot Position Update] New position, No Objection, has been recorded by Jon Peterson |
|
2006-09-28
|
05 | Lisa Dusseault | [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault |
|
2006-09-27
|
05 | David Kessens | [Ballot Position Update] New position, No Objection, has been recorded by David Kessens |
|
2006-09-27
|
05 | Sam Hartman | [Ballot Position Update] New position, Yes, has been recorded by Sam Hartman |
|
2006-09-27
|
05 | Jari Arkko | [Ballot discuss] > The sender of an OCSP request CERTREQ SHOULD accept an IKEv2 exchange > if a corresponding OCSP response CERT payload is not … [Ballot discuss] > The sender of an OCSP request CERTREQ SHOULD accept an IKEv2 exchange > if a corresponding OCSP response CERT payload is not received. This > might be an indication that this OCSP extension is not supported. In > this case, the peer SHOULD attempt to determine certificate > revocation status by some other means. This appears something that should rather be configurable. If the policy of the sender is that it must be able to run OCSP, this document should not prevent it. Suggested edit: Note that the lack of an OCSP response CERT payload after sending an OCSP request CERT payload might be an indication that this OCSP extension is not supported. As a result, it is recommended that nodes be configured to require a response only if it is known that all peers do in fact support this extension. Otherwise, it is recommended that the nodes be configured to try OCSP and, if there is no response, attempt to determine certificate revocation status by some other means. > 5.2. Extended Authentication Protocol (EAP) This section should clearly state that the OCSP is used for the cert status check of the server side IKEv2 cert (and not, say, for the cert status check of either the EAP peer or server). > Note that while [IKEv2] allows for the optional > inclusion of a CERTREQ in (2), this document asserts no need of its > use. It is assumed that environments including this optional payload > and yet wishing to implement the OCSP extension to IKEv2 are > sufficiently robust as to accommodate this redundant payload. Is there a rationale for the existence of this CERTREQ payload? If not, perhaps we should simply deprecate it here. If yes, it may be inappropriate for the OCSP document to state anything about this payload -- remember that there are other payload types than 14. |
|
2006-09-27
|
05 | Jari Arkko | [Ballot Position Update] New position, Discuss, has been recorded by Jari Arkko |
|
2006-09-27
|
05 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded by Magnus Westerlund |
|
2006-09-27
|
05 | Mark Townsley | [Ballot Position Update] New position, No Objection, has been recorded by Mark Townsley |
|
2006-09-27
|
05 | Dan Romascanu | [Ballot Position Update] New position, No Objection, has been recorded by Dan Romascanu |
|
2006-09-26
|
05 | Lars Eggert | [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert |
|
2006-09-24
|
05 | Cullen Jennings | [Ballot Position Update] New position, No Objection, has been recorded by Cullen Jennings |
|
2006-09-20
|
05 | Russ Housley | State Changes to IESG Evaluation from Waiting for AD Go-Ahead by Russ Housley |
|
2006-09-20
|
05 | Russ Housley | Placed on agenda for telechat - 2006-09-28 by Russ Housley |
|
2006-09-20
|
05 | Russ Housley | [Ballot Position Update] New position, Yes, has been recorded for Russ Housley |
|
2006-09-20
|
05 | Russ Housley | Ballot has been issued by Russ Housley |
|
2006-09-20
|
05 | Russ Housley | Created "Approve" ballot |
|
2006-09-19
|
04 | (System) | New version available: draft-myers-ikev2-ocsp-04.txt |
|
2006-08-08
|
05 | (System) | State has been changed to Waiting for AD Go-Ahead from In Last Call by system |
|
2006-07-24
|
05 | Yoshiko Fong | IANA Last Call Comments: Upon approval of this document, the IANA will make the following assignment in the IKEv2 Certificate Encodings registry located at: http://www.iana.org/assignments/ikev2-parameters … IANA Last Call Comments: Upon approval of this document, the IANA will make the following assignment in the IKEv2 Certificate Encodings registry located at: http://www.iana.org/assignments/ikev2-parameters Value Certificate Encoding -------- ------------------------------ 14 OCSP Content We understand the above to be the only IANA Actions for this document. |
|
2006-07-12
|
03 | (System) | New version available: draft-myers-ikev2-ocsp-03.txt |
|
2006-07-11
|
05 | Amy Vezza | Last call sent |
|
2006-07-11
|
05 | Amy Vezza | State Changes to In Last Call from Last Call Requested by Amy Vezza |
|
2006-07-11
|
05 | Russ Housley | Last Call was requested by Russ Housley |
|
2006-07-11
|
05 | Russ Housley | State Changes to Last Call Requested from AD Evaluation::AD Followup by Russ Housley |
|
2006-07-11
|
05 | (System) | Ballot writeup text was added |
|
2006-07-11
|
05 | (System) | Last call text was added |
|
2006-07-11
|
05 | (System) | Ballot approval text was added |
|
2006-07-11
|
05 | (System) | IANA Action state changed to In Progress |
|
2006-06-29
|
05 | (System) | Sub state has been changed to AD Follow up from New Id Needed |
|
2006-06-29
|
02 | (System) | New version available: draft-myers-ikev2-ocsp-02.txt |
|
2006-06-13
|
05 | Russ Housley | Comments sent to the authors on 17-Apr-2006. A revised I-D will be needed to address the comments. |
|
2006-06-13
|
05 | Russ Housley | State Changes to AD Evaluation::Revised ID Needed from AD Evaluation by Russ Housley |
|
2006-06-13
|
05 | Russ Housley | State Changes to AD Evaluation from Publication Requested by Russ Housley |
|
2006-04-05
|
05 | Russ Housley | Draft Added by Russ Housley in state Publication Requested |
|
2006-02-03
|
01 | (System) | New version available: draft-myers-ikev2-ocsp-01.txt |
|
2005-09-26
|
00 | (System) | New version available: draft-myers-ikev2-ocsp-00.txt |