Hi Jesus. Jesus Luna wrote:
Dear all, We really sorry for not being able to attend the next GGF meeting, but
Sorry for that...
on the other hand a couple of weeks ago we hosted here in Barcelona TERENA's TF-EMC2 meeting (presentations can be found in http://www.terena.nl/tech/task-forces/tf-emc2/meetings/sep05/agenda.html) and we had the opportunity to introduce CertiVeR's OCSP validation infrastructure for Grids. Such system is composed of two elements:
-In first place an OCSP Service which is currently configured as a Trusted/Authorized Responder for several Grid PKIs. As mentioned in TERENA's meeting, at this moment such service is being tested (Pilot Phase) and offered free of charge for those CAs whishing to use it. The list of CAs being served will grow in the next days, so please let us know your comments or questions about it. More information about the service can be obtained from: http://globus-grid.certiver.com/info/
Good job. Thank you. Just one small request: It seems that the HTTP server at (tacar|globus-grid).certiver.com cannot handle OCSP requests via HTTP/1.0 (no Host: header in the HTTP request). Unfortunately it severely limits usage of OpenSSL command-line ocsp client (which I usually use for testing) - it gets "400 Not Found" reponse to ent request. Could it be possible to reconfigure the HTTP server so that it would dispatch the requests based on some other criteria than the virtual host name? Maybe something like http://www.certiver.com/tacar-ocsp/ and http://www.certiver.com/grid-ocsp/ could do the job. Thanks again. Regards -- Milan Sova sova@cesnet.cz