PKI Enhancements in Windows Vista and Windows Server 2008

www.andrewhay.ca » Suggested Blog Reading - Monday June 4th, 2007

www.andrewhay.ca » Suggested Blog Reading - Monday June 4th, 2007 — Tue, 05 Jun 2007 04:01:37 GMT

PingBack from http://www.andrewhay.ca/archives/136

re: PKI Enhancements in Windows Vista and Windows Server 2008

Matthew Kerr — Fri, 04 Jan 2008 00:12:09 GMT

Does the 2008 SCEP server have any changes? Specifically, I was hoping for support for the getcachain command and several other newer features since draft 13 of the SCEP protocol.

Does the OCSP responder support acting as a relay for scalability?

In Vista, how does one access the OCSP client? Can it be called programmatically through C# .Net 3.5 or somehow via WCF in .Net 3.5?

re: PKI Enhancements in Windows Vista and Windows Server 2008

Matt K. — Sat, 12 Jan 2008 00:59:35 GMT

I am interest in whether or not the OCSP client is configurable. In large scale deployments the OCSP Responder/Repeater IP addresses are not know at the time of certificate issuance. Can the client be configured to point to an IP rather than relying on the information provided in the certificate itself?

re: PKI Enhancements in Windows Vista and Windows Server 2008

Dan field — Tue, 12 Aug 2008 13:05:05 GMT

I am very interested to know why there is an ocsp responder built into vista? How this ocsp responder is configured? Can it be used to validate installed any installed ocsp certs (as it does not seem to do this out the box)? Can third party apps use the ocsp responder? Will we still need tumbleweed or corestreet clients?