Mercurial Mercurial > oss > MCL > sftools > depl > docscontent / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Symbian3/PDK/Source/GUID-90DF40EF-7D3F-551D-9957-A3756317A254.dita
author Dominic Pinkman <Dominic.Pinkman@Nokia.com>
Tue, 30 Mar 2010 11:56:28 +0100
changeset 5 f345bda72bc4
parent 3 46218c8b8afa
child 9 59758314f811
permissions -rw-r--r--
Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
5
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
     1
 
<?xml version="1.0" encoding="utf-8"?>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
     2
 
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
     3
 
<!-- This component and the accompanying materials are made available under the terms of the License
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
     4
 
"Eclipse Public License v1.0" which accompanies this distribution,
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
     5
 
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
     6
 
<!-- Initial Contributors:
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
     7
 
    Nokia Corporation - initial contribution.
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
     8
 
Contributors:
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
     9
 
-->
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    10
 
<!DOCTYPE concept
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    11
 
  PUBLIC "-//OASIS//DTD DITA Concept//EN" "concept.dtd">
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    12
 
<concept id="GUID-90DF40EF-7D3F-551D-9957-A3756317A254" xml:lang="en"><title>OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    13
 
Overview</title><prolog><metadata><keywords/></metadata></prolog><conbody>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    14
 
<p>Online Certificate Status Protocol (OCSP) is an internet protocol that
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    15
 
determines whether a given <xref href="GUID-911E9F7E-D0AD-55EC-A3F4-1D427F803780.dita">certificate</xref> or
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    16
 
a list of certificates has been revoked, and therefore, determines whether
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    17
 
the certificate can be trusted. The protocol is defined in <xref href="http://www.ietf.org/rfc/rfc2560.txt" scope="external">RFC2560</xref>. </p>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    18
 
<p>On the Symbian platform, <xref href="GUID-0AED3485-D498-57F1-9532-116EA5C8F68B.dita">Secure
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    19
 
Software Install (SWI)</xref> uses OCSP to verify whether a certificate associated
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    20
 
with an application to be installed has been revoked. For details of how SWI
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    21
 
uses OCSP revocation check, see <xref href="GUID-C893C9E6-47B8-5149-9808-0274C61CF3D7.dita">OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    22
 
SWI Integration</xref>. </p>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    23
 
<section id="GUID-F07B2071-BF8B-4D22-B6F6-1282B2040376"><title>OCSP request and response</title> <p>OCSP primarily consists
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    24
 
of two parts: a request and a response, each specified in the Abstract Syntax
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    25
 
Notation One - Distinguished Encoding Rules (<xref href="http://tools.ietf.org/html/rfc4792" scope="external">ASN.1</xref> -DER) format. A client application that wants
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    26
 
to get information on the revocation status of a certificate, forms an OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    27
 
request and sends this to an OCSP server. In its simplest form, an OCSP request
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    28
 
consists of one or more identifiers for the certificates whose status is in
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    29
 
question. The request is sent to the OCSP server identified by a Uniform Resource
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    30
 
Identifier (URI). The URI is specified either in the Authority Information
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    31
 
Access (AIA) extension of the certificate whose revocation status is to be
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    32
 
checked, or as a global URI with the OCSP client. AIA is defined in <xref href="http://www.ietf.org/rfc/rfc2459.txt" scope="external">RFC2459</xref>. </p> <p>The
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    33
 
OCSP server maintains information about the revocation of certificates. The
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    34
 
server replies to the client with a signed OCSP response, mentioning the revocation
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    35
 
status for each certificate. A response being signed with a key pair is trusted
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    36
 
as authoritative by the client. Alternatively, a server can also return an
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    37
 
error code as response (refer to <xref href="http://www.ietf.org/rfc/rfc2560.txt" scope="external">RFC2560</xref> for details of the various OCSP errors). OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    38
 
is transport-neutral with the URI of the server indicating the required transport
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    39
 
mechanism. Currently, only Hypertext Transfer Protocol (HTTP) is supported. </p> <p>The
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    40
 
client, in turn, verifies whether the response is valid and is from a trusted
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    41
 
entity. </p> </section>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    42
 
<section id="GUID-B4A093DA-6968-4B17-A3A7-7FF4800DED3B"><title>OCSP client-server interaction</title> <p>The server to which
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    43
 
the request for revocation check is sent may not actually be the server which
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    44
 
is authoritative to answer the request, but may act as a proxy to the destination
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    45
 
server. For information on the server to which the request actually gets routed,
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    46
 
the client includes a <i>serviceLocator</i> extension (containing the URI)
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    47
 
in the OCSP request. </p> <p>There may be a <i>serviceLocator</i> extension
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    48
 
for each certificate in the request. Therefore, it is syntactically possible
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    49
 
for the request to be split into multiple parts, with each part routed to
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    50
 
a different OCSP responder (the server that actually responds to the OCSP
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    51
 
request). The intermediate server collates the individual responses into one
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    52
 
and returns this to the client. This response is signed only by the intermediate
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    53
 
server. In such a situation, the client must trust this intermediate server. </p> <p>Three
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    54
 
scenarios are associated with the routing of OCSP requests to the appropriate
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    55
 
responder through intermediate servers. They are as follows: </p> <ul>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    56
 
<li id="GUID-CD8AAEA0-AA94-58EA-978F-3C2E21A2FE9F"><p> <b>Single OCSP responder</b>  </p> <p>One
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    57
 
OCSP server contains the revocation information for all the certificates to
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    58
 
be checked. One request containing all the certificates is sent to the responder
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    59
 
(in this case, the OCSP server), which replies with a single response. The
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    60
 
following figure illustrates the interaction between the OCSP client and a
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    61
 
single destination responder. </p> <fig id="GUID-11F6D229-29D0-510A-AB8A-64A906DC00F7">
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    62
 
<image href="GUID-8E3F3745-7875-51A2-BDA1-AA537C7B220E_d0e644296_href.png" placement="inline"/>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    63
 
</fig> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    64
 
<li id="GUID-185C0C91-CC3F-5198-8EAB-BB1BF748A3D0"><p> <b>Multiple OCSP responders
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    65
 
using an intermediate OCSP server</b>  </p> <p>Multiple OCSP responders use
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    66
 
an intermediate OCSP server to route requests to the appropriate destination
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    67
 
responders. One request is sent to the intermediate server, which sends multiple
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    68
 
individual requests to the destination responders. The responses are collated,
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    69
 
and one response is sent back to the client. The following figure shows the
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    70
 
interaction between an OCSP client and multiple destination responders by
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    71
 
using an intermediate responder. </p> <fig id="GUID-964E18AA-E4F7-5A71-A2F3-19F3007C24C6">
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    72
 
<image href="GUID-2EF123C9-62A2-52FF-9792-66EF41F37452_d0e644312_href.png" placement="inline"/>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    73
 
</fig> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    74
 
<li id="GUID-F092252F-79EF-58E2-A596-77D3FC07CC54"><p> <b>Multiple OCSP responders
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    75
 
without an intermediate server</b>  </p> <p>The client does the work of sending
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    76
 
each request to the appropriate responder. The client collates the responses
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    77
 
received. The following figure shows the interaction between the client and
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    78
 
multiple destination responders. </p> <fig id="GUID-223A3DB6-538E-5A4E-946C-87AA03449857">
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    79
 
<image href="GUID-A6F1F6AC-5D3C-5055-AEF1-B64671941BCB_d0e644328_href.png" placement="inline"/>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    80
 
</fig> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    81
 
</ul> <p>The choice of the correct method of interaction between the client
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    82
 
and the responders depends on the nature of the Public Key Infrastructure
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    83
 
(PKI) and the availability of OCSP responders for routing requests as intermediates. </p> </section>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    84
 
<section id="GUID-891303A3-070F-40D2-9382-40A1165928DE"><title>Revocation check results</title> <p>If the response sent by
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    85
 
the OCSP server passes all the validation, the application that sends the
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    86
 
OCSP request determines the outcome by applying the following rules to the
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    87
 
certificate statuses in the response: </p> <ul>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    88
 
<li id="GUID-124E3CDE-7F74-5960-A92C-98B101644036"><p>If any certificate is
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    89
 
revoked, the result is <b>Revoked</b>  </p> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    90
 
<li id="GUID-C0AF0A69-28C4-528B-9E14-1AAF13CEA497"><p>If all certificates
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    91
 
are valid, the result is <b>Good</b>  </p> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    92
 
<li id="GUID-7BA5DACD-19B1-55CC-9378-28F4A47AAE12"><p>Otherwise, the result
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    93
 
is <b>Unknown</b>. </p> </li>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    94
 
</ul> <p> <b>Note:</b> A certificate status of <b>Good</b> does not indicate
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    95
 
that the certificate may be trusted. It merely indicates that the certificate
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    96
 
has not been revoked. The normal validation of that certificate (or the <xref href="GUID-A3B58436-07E4-565B-800B-86435D205461.dita">certificate chain</xref> in
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    97
 
which it lies) must still be performed. </p> </section>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    98
 
</conbody><related-links>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
    99
 
<link href="GUID-C893C9E6-47B8-5149-9808-0274C61CF3D7.dita"><linktext>OCSP SWI
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
   100
 
Integration</linktext></link>
f345bda72bc4 Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
Dominic Pinkman <Dominic.Pinkman@Nokia.com>
parents: 3
diff changeset 
   101
 
</related-links></concept>
MCL/sftools/depl/docscontent