OCSP (Online Certificate Status Protocol) Service

OCSP is short for Online Certificate Status Protocol. Tecxoft OCSP Responder complies with IETF RFC 2560. Applications send request to OCSP responder for checking status of concerned certificate. The OCSP server responds with real-time response. This method is used for checking the revocation of a certificate. Other way of checking revocation is CRL method, in which CRL is downloaded and certificates are checked if any one appear in the CRL. If a certificate's serial number appears in the CRL, it is considered revoked, all CRL entries also include a revocation reason. All this functionality is programmed in computer applications. CRLs can be large files but an OCSP response is of small size. OCSP response is digitally signed.


OCSP or revocation information is required for creating long-term valid signatures. Revocation information is embedded with the signature, to verify, certificate is valid at the time signing was performed.


Please find more details about Tecxoft products here.


Top