[foaf-protocols] Logging out early w/ OCSP
Joe Presbrey
presbrey at csail.mit.edu
Mon Sep 20 17:04:15 CEST 2010
Do your WebID IdP's implement OCSP?
http://en.wikipedia.org/wiki/Online_Certificate_Status_Protocol
On a public terminal, It seems I can ask for a 30-minute session
(literally with X509 enddate/notAfter) but I can't end it early
without OCSP.
I would think my IdP's should send OCSP denials for requests for my
temporarily-issued cert after I click my IdP's Logout button.
Apache implements OCSP:
http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslocspenable
--
Joe Presbrey
More information about the foaf-protocols
mailing list