Online certificate status protocol ocsp
Download
1 / 7

Online Certificate Status Protocol ‘OCSP’ - PowerPoint PPT Presentation


  • 360 Views
  • Uploaded on

Online Certificate Status Protocol ‘OCSP’. Outline: What is OCSP? Digital Signatures Certificate Revocation List Technical aspects of OCSP Types of OCSP Conclusions. Dave Hirose July 15 2004. OCSP & Digital Signatures. OCSP is a protocol used to verify the status of digital signatures

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Online Certificate Status Protocol ‘OCSP’' - huey


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Online certificate status protocol ocsp

Online Certificate Status Protocol‘OCSP’

Outline:

What is OCSP?

Digital Signatures

Certificate Revocation List

Technical aspects of OCSP

Types of OCSP

Conclusions

Dave Hirose

July 15 2004


Ocsp digital signatures
OCSP & Digital Signatures

  • OCSP is a protocol used to verify the status of digital signatures

  • Digital Signatures


Certificate status certificate revocation lists ocsp
Certificate StatusCertificate Revocation Lists &OCSP


Technical details of ocsp
Technical details of OCSP

Request

Protocol version

Service request

Target certificate identifier

Optional extensions which may be processed by the OCSP

Response

Version

Responder’s name

Responses for each of the certificates in the request

Possible Responses:

Good

Revoked

Unknown


Types of ocsp
Types of OCSP

Trusted

Distributed


Conclusion
Conclusion

Can be useful in certain situations.

Suitable for highly sensitive or high valued information

Weigh the risk of not using real time verification

against the cost of using and implementing it

Should consider checking the CRL directly for revoked certifications.

OCSP is not infallible. Since the revocation lists are not locked.

If real time verification of certificates is imperative and you have a high

volume complicated system, you should consider using a vendor specializing

in digital certificate validation



ad