Mike Helm wrote:
Does your product make any provision for caching responses? -- caops-wg mailing list caops-wg@ogf.org http://www.ogf.org/mailman/listinfo/caops-wg
Hello Mike and Jim, Sorry for the delayed responses :) First of all I think that Jim's implementation is of great value and a good step towards finally supporting OCSP into Grids. In the last months we (at UPC) have been planning to port OGRO to C language, unfortunately we don't have enough resources (aka volunteers) to do the job and instead both Oscar Manso (Grid-OCSP server) and me (Grid-OCSO client) have tried to evolve the OGRO middleware thanks to our research on Grid-validation and comments from the users community. We expect to contact Frank Siebenlist in the following days with an updated/debugged OGRO version, to see if it's possible to included it as a patch to the GT's Java Core. So from my point of view thanks to Jim's effort we may be able to: i) Finish for good (that's the correct English phrase?) the OCSP Reqs Document. As far as I remember, the version posted at the CAOPS' site was in need of a readability checking and now we may need to update appendixes A.3 (MyProxy example) and B (client conf examples) according to Jim's experience and comments. ii) If possible I'd like to use Jim's source code to begin working towards a "OGRO-C" which may be configured in a way similar to the Java-based version. Potential users would be happy to configure its clients in an analogous way and now we are closer to that if you believe that OGRO's config file may be useful. I'd try to work towards this goal in the short-term ;) Finally about Responses' caching: in OGRO we implemented this feature as an add-on to the JCE Provider being used (currently Bouncy Castle/IAIK), by keeping an in-memory structure that's constantly being purged of non-definitive cert statuses. As I told you this may added into the OGRO-C port thanks to Jim's client. In any case you might be interested into this one: “OCSP for Grids: Comparing Prevalidation versus Caching”. Luna, Jesús. Manso, Oscar. Manel, Medina. Accepted for the 7th IEEE/ACM International Conference on Grid Computing, Barcelona, September 2006. http://www.grid2006.org/ I don't know if it can be posted here, but if you're interested then for research purposes you can contact me directly. :) Best regards, -- <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><> o o o Jesus Luna Garcia | Polytechnic University of Catalonia o o o PhD Student | Department of Computer Architecture o o o phone: +34 93 401 7187 | Campus Nord. www.ac.upc.es U P C fax: +34 93 401 7055 | C/Jordi Girona 1-3, Modul D6-116 E-mail: jluna@ac.upc.es | Barcelona 08034 SPAIN <><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>