OCSP validation performance in Grid environments
Hello again (one more time!),

Even though we are still in the process of formally publishing this info, we would like to comment about the results obtained at this date with OGRO+Grid Validation Policy+GT4. Maybe some of them could be interesting for the "OCSP Requirements for Grids" document.

We have measured the time elapsed in validating through OCSP (OGRO) a Proxy Certificate Path i) at the client-side when the user creates it by executing "grid-proxy-init" and, ii) at the server-side when the GT4's WSRF Container receives a Grid Service invocation (CounterService) through the secure message mechanism. In both cases we were using different Grid Validation Policies to understand the overhead introduced when customizing parameters like use of digital signatures, nonces, HTTP/HTTPS, fault tolerance, etc.

In most of the cases the results showed that the decision to protect the OCSP Request with digital signatures, nonce and HTTPS introduces an overhead which is practically non-existent when compared with the overhead of communicating with the OCSP Responder itself.

To alleviate such overhead we have implemented a mechanism called pre-validation, which embeds the OCSP Response as a Proxy Certificate extension when such credential is being created by the client. When the server needs to validate such data, it merely needs to extract the pre-validation data from the Proxy and proceed with the usual OCSP verification process. In our tests we have measured elapsed times 30% lower than those obtained with "traditional" OCSP validation at the server (WSRF Container).

Hope this information may be useful for the document.

Best regards (finally!),
Oscar & Jesus
participants (1): Jesus Luna
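The checks a server would run on a pre-validated proxy, as described in the message above, sketched as an added example that is not part of the original post and is not OGRO or GT4 code. It assumes a simplified model: the proxy is a dict, the field names `prevalidation` and `issuer_serial` are hypothetical, the response is JSON rather than DER, and an HMAC stands in for the responder's asymmetric signature.

```python
import hashlib, hmac, json
from datetime import datetime, timedelta, timezone

# Assumption: HMAC key standing in for the responder's asymmetric signing key.
RESPONDER_KEY = b"constructed-demo-key"

def _mac(body, key):
    raw = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, raw, hashlib.sha256).hexdigest()

def sign_response(serial, status, this_update, next_update, key=RESPONDER_KEY):
    """Client side: simplified signed status response to embed in the proxy."""
    body = {"serial": serial, "status": status,
            "thisUpdate": this_update.isoformat(), "nextUpdate": next_update.isoformat()}
    return {"body": body, "sig": _mac(body, key)}

def validate_prevalidated(proxy, now, key=RESPONDER_KEY, skew=timedelta(minutes=5)):
    """Server side: return (ok, reason). On failure, query the responder live."""
    resp = proxy.get("prevalidation")  # hypothetical extension field
    if resp is None:
        return False, "no embedded response"
    if not hmac.compare_digest(_mac(resp["body"], key), resp["sig"]):
        return False, "bad responder signature"
    body = resp["body"]
    if body["serial"] != proxy["issuer_serial"]:  # hypothetical field
        return False, "response is for a different certificate"
    # The server supplied no nonce for this response, so the validity
    # window is the only bound on replaying an old "good" answer.
    if now + skew < datetime.fromisoformat(body["thisUpdate"]) \
            or now > datetime.fromisoformat(body["nextUpdate"]):
        return False, "response outside validity window"
    if body["status"] != "good":
        return False, "certificate status is " + body["status"]
    return True, "good"

def demo():
    """Run the checks over constructed sample data and return the reasons."""
    t0 = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    good = sign_response("0A1B", "good", t0, t0 + timedelta(hours=1))
    revoked = sign_response("0A1B", "revoked", t0, t0 + timedelta(hours=1))
    forged = {"body": dict(revoked["body"], status="good"), "sig": revoked["sig"]}
    mid = t0 + timedelta(minutes=30)
    cases = [({"issuer_serial": "0A1B", "prevalidation": good}, mid),
             ({"issuer_serial": "0A1B", "prevalidation": good}, t0 + timedelta(hours=2)),
             ({"issuer_serial": "FFFF", "prevalidation": good}, mid),
             ({"issuer_serial": "0A1B", "prevalidation": forged}, mid),
             ({"issuer_serial": "0A1B", "prevalidation": revoked}, mid),
             ({"issuer_serial": "0A1B"}, mid)]
    return [validate_prevalidated(p, n)[1] for p, n in cases]
```

Because the embedded response was fetched before the server was involved, the freshness window and the binding to the certificate serial carry the weight that a nonce would carry in a live query.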