IETF
pkix
pkix@jabber.ietf.org
Thursday, 8 November 2012< ^ >
mrex-ietf has set the subject to: PKIX-WG @ IETF-84
Room Configuration

GMT+0
[21:28:40] Stefan Santesson joins the room
[21:58:31] Stefan Santesson leaves the room
[22:15:02] Stefan Santesson joins the room
[22:33:15] yngve_n_pettersen joins the room
[22:35:19] PHB joins the room
[22:48:35] Sean Turner joins the room
[22:48:53] Satoru Kanno joins the room
[22:49:11] <yngve_n_pettersen> +1
[22:55:14] cw joins the room
[22:56:51] <yngve_n_pettersen> Opera 12.02 handle Unknown as a Fatal Error
[23:02:12] semery joins the room
[23:05:56] cw leaves the room: Disconnected: session closed
[23:08:01] <yngve_n_pettersen> Suspension is no longer allowed by BR; Ballot #93, approved yesterday
[23:08:43] <PHB> Suspension is not allows, but this is not cert suspension
[23:08:53] <PHB> This is saying that the cert never existed
[23:10:59] <yngve_n_pettersen> With psudo random serial numbers permanent revocation should not be a serious problem, since it is unlikely that the attacker can sollide the next serial number. If that is possible, better move to SHA-2 sigs soon
[23:13:41] <PHB> yngve, problem occurs when the certificate is issued and received slightly before the OCSP server is notified of its existence.
[23:14:03] <yngve_n_pettersen> That is a resolvable sequencing issue
[23:15:49] <yngve_n_pettersen> don't release the cert before the OCSP infrastructure can answer
[23:17:00] <yngve_n_pettersen> Mic: PHB: What about multi stapling?
[23:18:22] PHB leaves the room
[23:19:26] Satoru Kanno leaves the room
[23:20:15] yngve_n_pettersen leaves the room
[23:28:57] semery leaves the room
[23:34:17] cw joins the room
[23:34:24] cw leaves the room
[23:38:27] Sean Turner leaves the room
[23:42:03] Stefan Santesson leaves the room
Powered by ejabberd Powered by Erlang Valid XHTML 1.0 Transitional Valid CSS!