Document: draft-ietf-stir-certificates-ocsp Title: OCSP Usage for Secure Telephone Identity Certificates Reviewer: Phillip Hallam-Baker Review result: Has Issues The Security Considerations section needs to be more than just 'this document is all about security'. The privacy considerations section needs to be cited as the information relating to certificate (and hence subscriber activity) leaking is also a security consideration. Operators of the OCSP services need to take appropriate measures. Another dimension that needs to be considered is service. The loss of the OCSP service potentially results in a subscriber being unable to place or receive a call. The OSCP service may be a target for a DoS attack. While stapling mitigates this, it does not eliminate it. -- last-call mailing list -- last-call@xxxxxxxx To unsubscribe send an email to last-call-leave@xxxxxxxx
