[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AW: [iaik-ssl] Data Format of OCSP Request



Hello,

from the OCSP draft, version 2.01:

A.1 OCSP over HTTP

   This section describes the formatting that will be done to the
   request and response to support HTTP.

A.1.1 Request

   HTTP based OCSP requests can use either the GET or the POST method to
   submit their requests. To enable HTTP caching, small requests (that
   after encoding are less than 255 bytes), MAY be submitted using GET.
   If HTTP caching is not important, or the request is greater than 255
   bytes, the request SHOULD be submitted using POST.  Where privacy is
   a requirement, OCSP transactions exchanged using HTTP MAY be
   protected using either TLS/SSL or some other lower layer protocol.

   An OCSP request using the GET method is constructed as follows:

   GET {url}/{url-encoding of base-64 encoding of the DER encoding of
   the OCSPRequest}

   where {url} may be derived from the value of AuthorityInfoAccess or
   other local configuration of the OCSP client.

   An OCSP request using the POST method is constructed as follows: The
   Content-Type header has the value "application/ocsp-request" while
   the body of the message is the binary value of the DER encoding of
   the OCSPRequest.

A.1.2 Response

   An HTTP-based OCSP response is composed of the appropriate HTTP
   headers, followed by the binary value of the DER encoding of the
   OCSPResponse. The Content-Type header has the value
   "application/ocsp-response". The Content-Length header SHOULD specify
   the length of the response. Other HTTP headers MAY be present and MAY
   be ignored if not understood by the requestor.



You may look at demo.x509.ocsp.OCSPServerThread (part of the OCSP server demo)
on a sample where a request is read and a response is created.

Regards,
Dieter Bratko





-----Ursprüngliche Nachricht-----
Von: iaik-ssl-owner@iaik.tu-graz.ac.at
[mailto:iaik-ssl-owner@iaik.tu-graz.ac.at]Im Auftrag von Nauman Ahmad
Khan
Gesendet: Mittwoch, 07. November 2001 13:13
An: iaik-ssl@iaik.at; iaik-jce@iaik.at
Betreff: [iaik-ssl] Data Format of OCSP Request


Hello all,
I need a little help here.Is there any tupical format in which the OCSP 
client sends data to OCSPServer ? i mean to say that when OCSP client sends 
data to OCSP server, are there any required headers etc attached with it and 
the OCSP server has to take care of that or it is simply DER or PEM format ? 
what if the data is in Non-printable characters ?
i explain the whole scenario here. I am using Desktop Validator from 
Valicert to test my OCSP responder. When i receive data at Responder side 
using InputStream, and try to convert it to OCSPRequest class object, it 
gives error as Array Index Out Of Bound ... and if i try to print the data 
received, it is non-printable funny characters. I don't uderstand this 
format ... any help ???

Cheers and Have a Good Time
Nauman Ahmad Khan


_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl
 


--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-ssl/sslthreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-ssl