Online Certificate Status Protocol ‘OCSP’. Outline: What is OCSP? Digital Signatures Certificate Revocation List Technical aspects of OCSP Types of OCSP Conclusions. Dave Hirose July 15 2004. OCSP & Digital Signatures. OCSP is a protocol used to verify the status of digital signatures
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Online Certificate Status Protocol‘OCSP’
What is OCSP?
Certificate Revocation List
Technical aspects of OCSP
Types of OCSP
July 15 2004
Target certificate identifier
Optional extensions which may be processed by the OCSP
Responses for each of the certificates in the request
Can be useful in certain situations.
Suitable for highly sensitive or high valued information
Weigh the risk of not using real time verification
against the cost of using and implementing it
Should consider checking the CRL directly for revoked certifications.
OCSP is not infallible. Since the revocation lists are not locked.
If real time verification of certificates is imperative and you have a high
volume complicated system, you should consider using a vendor specializing
in digital certificate validation