I can make this. I have to do this at home today, due to the short notice, & my telephone situation is not the best (my connection will be noisy). Beyond the discussion in email, here are some things I would suggest: Specifying (== "recommending") a format for the AIA URL in conforming CAs Spec a format for proxy registration URL Use the OCSP AIA Add to it Add new extension Describe the possibilities, leave for future standard Do we want to describe details of the registration protocol? No - leave for future standard Yes - just give basic requirements Technical question: how to specify a proxy revocation? I think the answer is, the complete chain from EE -> specific proxy cert Or can we count on specific proxy certs always being different from one another (key, attribute contents, time stamps, &c) so only a representation of the specific cert is needed? I hope so. Describe deployment usage scenarios a little more (as opposed to technical types): caching, local/VO-based, CA-based, clearinghouse Recommend PMA's or large VO's "sponsor" clearinghouse(s)? Recommend clearinghouses support proxy revocation registration? Document: Add a digest of recommendations at the beginning (sections like recommendations for client, for responders, for CAs (particularly), with recs just in bullet or short sentence format) Some minor wording changes (coming) Regards, ==mwh