To:
<ietf-whois@imc.org>, <ietf-provreg@cafax.se>
From:
"William Tan" <william.tan@i-dns.net>
Date:
Mon, 5 Mar 2001 03:45:15 +0800
Sender:
owner-ietf-provreg@cafax.se
Subject:
Signed response
The PKIX WG has a Online Cert Status Protocol (OCSP) proposal where the CA runs a service like this answering queries about the status of issued certificates, signing the responses. The concept of signed response by the CA (in this case, registry / registrar) may be an important requirement for whois and status request on provreg. The reasons are: 1. Result of whois & status queries have been used by lawyers as evidence in court of law 2. Authenticity of content - client can verify the integrity of the answer (important data to sign would be 'Database-updated-date', the query result, or 'No-such-record-at-this-time'). Maybe we should consider this part of the requirement. wil.