Add reference to OCSP? - Githubissues

lamps-wg / dilithium-certificates

I-D that describes the algorithm identifiers for NIST's PQC Dilithium algorithm for use in the Internet X.509 Public Key Infrastructure

Other

6 stars 3 forks source link

Add reference to OCSP? #10

Open csosto-pk opened 1 year ago

csosto-pk commented 1 year ago

From https://mailarchive.ietf.org/arch/msg/spasm/mHLRo-X8U7ZAF5BRjPEPA8lHQtk/

Should this document also talk about Dilithium signatures in OCSP? I realize that was not done when RFC 3279 and RFC 5480 were written. Russ

csosto-pk commented 1 year ago

Hmm, we did not do that RFC8692 recently either. But all these identifiers could be used in the SigAlgID in OCSP request/responses or staples as well. Probably it makes sense we reference OCSP in the draft.

csosto-pk commented 1 year ago

From Tim H.

I have a slight preference for keeping them separate. When OCSP and CRLs are discussed in the same document, it's often confusing because they're quite different, and it's difficult to keep clear what applies to one or the other, and what applies to both.

seanturner commented 3 months ago

We do need to add the sa- classes so that should get us some of the way there because those can be used by OCSP, PKCS#10, CMP, CMC, etc. But, as I mentioned in #12, we'll end up with some references dependencies we might not want.

csosto-pk commented 3 weeks ago

ACK, I am OK not referencing OCSP in ours.