Dear all, We have been reading the presentations made by some of you in the last GGF sessions and we would like to comment about OCSP and Proxy Certificates, due in part to the experience that we have achieved with our Open Grid Ocsp -OGRO- API and on the other hand with the spirit to finish as soon as possible the "OCSP requirements for Grids" document. Next you'll receive three follow-ups to this email related with the Proxy Certificate's topic: -First we will present our point of view about the proposal of encoding AIA in first-level Proxy Cert, as mentioned in the presentation "OCSP-GGF15.ppt" available on the CAOPS-WG' Web page. -In second place we would like to comment about the "Which OCSP Responder to Trust?" topic, also mentioned in the PPT. -Finally we would like to briefly present the results of some tests done in the last weeks with OGRO and its Grid Validation Policy. We have not only tested several policy configurations (i.e. signing the Requests, using nonces and sending OCSP over HTTPS), but also implemented a mechanism to further improve OCSP validation perfomance in Grids, called "OCSP Pre-validation" which is being beta-tested in our installations prior to be published in OGRO's Web page. In any case, based in your comments we may be able to commit asap to the list the draft text for the document's Proxy Validation section. Best regards form Barcelona, Oscar & Jesus