Replaces the base64url-encoded OCSP CertID with a much simpler construction: the concatenation of the certificate's AKID and its Serial. Both of these values are available from the end-entity certificate itself, without needing access to the issuer cert. Additionally, this approach doesn't require any ability to serialize ASN.1 structures, and includes algorithm agility by virtue of placing the CA in control of the algorithm used in the AKID extension.
Replaces the base64url-encoded OCSP CertID with a much simpler construction: the concatenation of the certificate's AKID and its Serial. Both of these values are available from the end-entity certificate itself, without needing access to the issuer cert. Additionally, this approach doesn't require any ability to serialize ASN.1 structures, and includes algorithm agility by virtue of placing the CA in control of the algorithm used in the AKID extension.
Fixes https://github.com/aarongable/draft-acme-ari/issues/43