Online certificate status protocol ocsp
This presentation is the property of its rightful owner.
Sponsored Links
1 / 7

Online Certificate Status Protocol ‘OCSP’ PowerPoint PPT Presentation


  • 273 Views
  • Uploaded on
  • Presentation posted in: General

Online Certificate Status Protocol ‘OCSP’. Outline: What is OCSP? Digital Signatures Certificate Revocation List Technical aspects of OCSP Types of OCSP Conclusions. Dave Hirose July 15 2004. OCSP & Digital Signatures. OCSP is a protocol used to verify the status of digital signatures

Download Presentation

Online Certificate Status Protocol ‘OCSP’

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Online certificate status protocol ocsp

Online Certificate Status Protocol‘OCSP’

Outline:

What is OCSP?

Digital Signatures

Certificate Revocation List

Technical aspects of OCSP

Types of OCSP

Conclusions

Dave Hirose

July 15 2004


Ocsp digital signatures

OCSP & Digital Signatures

  • OCSP is a protocol used to verify the status of digital signatures

  • Digital Signatures


Certificate status certificate revocation lists ocsp

Certificate StatusCertificate Revocation Lists &OCSP


Technical details of ocsp

Technical details of OCSP

Request

Protocol version

Service request

Target certificate identifier

Optional extensions which may be processed by the OCSP

Response

Version

Responder’s name

Responses for each of the certificates in the request

Possible Responses:

Good

Revoked

Unknown


Types of ocsp

Types of OCSP

Trusted

Distributed


Conclusion

Conclusion

Can be useful in certain situations.

Suitable for highly sensitive or high valued information

Weigh the risk of not using real time verification

against the cost of using and implementing it

Should consider checking the CRL directly for revoked certifications.

OCSP is not infallible. Since the revocation lists are not locked.

If real time verification of certificates is imperative and you have a high

volume complicated system, you should consider using a vendor specializing

in digital certificate validation


Online certificate status protocol

Online Certificate Status Protocol

  • Questions?


  • Login