FCL/sftools/depl/docscontent: Symbian3/PDK/Source/GUID-90DF40EF-7D3F-551D-9957-A3756317A254.dita@51a74ef9ed63 (annotated)

5 f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	1	<?xml version="1.0" encoding="utf-8"?>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	2	<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	3	<!-- This component and the accompanying materials are made available under the terms of the License
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	4	"Eclipse Public License v1.0" which accompanies this distribution,
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	5	and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	6	<!-- Initial Contributors:
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	7	Nokia Corporation - initial contribution.
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	8	Contributors:
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	9	-->
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	10	<!DOCTYPE concept
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	11	PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	12	<concept id="GUID-90DF40EF-7D3F-551D-9957-A3756317A254" xml:lang="en"><title>OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	13	Overview</title><prolog><metadata><keywords/></metadata></prolog><conbody>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	14	<p>Online Certificate Status Protocol (OCSP) is an internet protocol that
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	15	determines whether a given <xref href="GUID-911E9F7E-D0AD-55EC-A3F4-1D427F803780.dita">certificate</xref> or
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	16	a list of certificates has been revoked, and therefore, determines whether
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	17	the certificate can be trusted. The protocol is defined in <xref href="http://www.ietf.org/rfc/rfc2560.txt" scope="external">RFC2560</xref>. </p>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	18	<p>On the Symbian platform, <xref href="GUID-0AED3485-D498-57F1-9532-116EA5C8F68B.dita">Secure
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	19	Software Install (SWI)</xref> uses OCSP to verify whether a certificate associated
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	20	with an application to be installed has been revoked. For details of how SWI
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	21	uses OCSP revocation check, see <xref href="GUID-C893C9E6-47B8-5149-9808-0274C61CF3D7.dita">OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	22	SWI Integration</xref>. </p>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	23	<section id="GUID-F07B2071-BF8B-4D22-B6F6-1282B2040376"><title>OCSP request and response</title> <p>OCSP primarily consists
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	24	of two parts: a request and a response, each specified in the Abstract Syntax
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	25	Notation One - Distinguished Encoding Rules (<xref href="http://tools.ietf.org/html/rfc4792" scope="external">ASN.1</xref> -DER) format. A client application that wants
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	26	to get information on the revocation status of a certificate, forms an OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	27	request and sends this to an OCSP server. In its simplest form, an OCSP request
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	28	consists of one or more identifiers for the certificates whose status is in
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	29	question. The request is sent to the OCSP server identified by a Uniform Resource
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	30	Identifier (URI). The URI is specified either in the Authority Information
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	31	Access (AIA) extension of the certificate whose revocation status is to be
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	32	checked, or as a global URI with the OCSP client. AIA is defined in <xref href="http://www.ietf.org/rfc/rfc2459.txt" scope="external">RFC2459</xref>. </p> <p>The
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	33	OCSP server maintains information about the revocation of certificates. The
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	34	server replies to the client with a signed OCSP response, mentioning the revocation
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	35	status for each certificate. A response being signed with a key pair is trusted
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	36	as authoritative by the client. Alternatively, a server can also return an
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	37	error code as response (refer to <xref href="http://www.ietf.org/rfc/rfc2560.txt" scope="external">RFC2560</xref> for details of the various OCSP errors). OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	38	is transport-neutral with the URI of the server indicating the required transport
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	39	mechanism. Currently, only Hypertext Transfer Protocol (HTTP) is supported. </p> <p>The
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	40	client, in turn, verifies whether the response is valid and is from a trusted
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	41	entity. </p> </section>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	42	<section id="GUID-B4A093DA-6968-4B17-A3A7-7FF4800DED3B"><title>OCSP client-server interaction</title> <p>The server to which
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	43	the request for revocation check is sent may not actually be the server which
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	44	is authoritative to answer the request, but may act as a proxy to the destination
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	45	server. For information on the server to which the request actually gets routed,
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	46	the client includes a <i>serviceLocator</i> extension (containing the URI)
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	47	in the OCSP request. </p> <p>There may be a <i>serviceLocator</i> extension
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	48	for each certificate in the request. Therefore, it is syntactically possible
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	49	for the request to be split into multiple parts, with each part routed to
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	50	a different OCSP responder (the server that actually responds to the OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	51	request). The intermediate server collates the individual responses into one
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	52	and returns this to the client. This response is signed only by the intermediate
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	53	server. In such a situation, the client must trust this intermediate server. </p> <p>Three
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	54	scenarios are associated with the routing of OCSP requests to the appropriate
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	55	responder through intermediate servers. They are as follows: </p> <ul>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	56	<li id="GUID-CD8AAEA0-AA94-58EA-978F-3C2E21A2FE9F"><p> <b>Single OCSP responder</b> </p> <p>One
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	57	OCSP server contains the revocation information for all the certificates to
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	58	be checked. One request containing all the certificates is sent to the responder
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	59	(in this case, the OCSP server), which replies with a single response. The
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	60	following figure illustrates the interaction between the OCSP client and a
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	61	single destination responder. </p> <fig id="GUID-11F6D229-29D0-510A-AB8A-64A906DC00F7">
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	62	<image href="GUID-8E3F3745-7875-51A2-BDA1-AA537C7B220E_d0e644296_href.png" placement="inline"/>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	63	</fig> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	64	<li id="GUID-185C0C91-CC3F-5198-8EAB-BB1BF748A3D0"><p> <b>Multiple OCSP responders
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	65	using an intermediate OCSP server</b> </p> <p>Multiple OCSP responders use
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	66	an intermediate OCSP server to route requests to the appropriate destination
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	67	responders. One request is sent to the intermediate server, which sends multiple
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	68	individual requests to the destination responders. The responses are collated,
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	69	and one response is sent back to the client. The following figure shows the
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	70	interaction between an OCSP client and multiple destination responders by
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	71	using an intermediate responder. </p> <fig id="GUID-964E18AA-E4F7-5A71-A2F3-19F3007C24C6">
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	72	<image href="GUID-2EF123C9-62A2-52FF-9792-66EF41F37452_d0e644312_href.png" placement="inline"/>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	73	</fig> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	74	<li id="GUID-F092252F-79EF-58E2-A596-77D3FC07CC54"><p> <b>Multiple OCSP responders
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	75	without an intermediate server</b> </p> <p>The client does the work of sending
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	76	each request to the appropriate responder. The client collates the responses
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	77	received. The following figure shows the interaction between the client and
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	78	multiple destination responders. </p> <fig id="GUID-223A3DB6-538E-5A4E-946C-87AA03449857">
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	79	<image href="GUID-A6F1F6AC-5D3C-5055-AEF1-B64671941BCB_d0e644328_href.png" placement="inline"/>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	80	</fig> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	81	</ul> <p>The choice of the correct method of interaction between the client
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	82	and the responders depends on the nature of the Public Key Infrastructure
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	83	(PKI) and the availability of OCSP responders for routing requests as intermediates. </p> </section>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	84	<section id="GUID-891303A3-070F-40D2-9382-40A1165928DE"><title>Revocation check results</title> <p>If the response sent by
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	85	the OCSP server passes all the validation, the application that sends the
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	86	OCSP request determines the outcome by applying the following rules to the
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	87	certificate statuses in the response: </p> <ul>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	88	<li id="GUID-124E3CDE-7F74-5960-A92C-98B101644036"><p>If any certificate is
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	89	revoked, the result is <b>Revoked</b> </p> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	90	<li id="GUID-C0AF0A69-28C4-528B-9E14-1AAF13CEA497"><p>If all certificates
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	91	are valid, the result is <b>Good</b> </p> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	92	<li id="GUID-7BA5DACD-19B1-55CC-9378-28F4A47AAE12"><p>Otherwise, the result
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	93	is <b>Unknown</b>. </p> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	94	</ul> <p> <b>Note:</b> A certificate status of <b>Good</b> does not indicate
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	95	that the certificate may be trusted. It merely indicates that the certificate
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	96	has not been revoked. The normal validation of that certificate (or the <xref href="GUID-A3B58436-07E4-565B-800B-86435D205461.dita">certificate chain</xref> in
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	97	which it lies) must still be performed. </p> </section>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	98	</conbody><related-links>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	99	<link href="GUID-C893C9E6-47B8-5149-9808-0274C61CF3D7.dita"><linktext>OCSP SWI
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	100	Integration</linktext></link>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892" Dominic Pinkman <Dominic.Pinkman@Nokia.com> parents: 3 diff changeset	101	</related-links></concept>

author	Dominic Pinkman <Dominic.Pinkman@Nokia.com>
	Wed, 31 Mar 2010 11:11:55 +0100
changeset 7	51a74ef9ed63
parent 5	f345bda72bc4
child 9	59758314f811
permissions	-rw-r--r--