The purpose of the validity confirmation service, i.e. OCSP (Online Certificate Status Protocol), is to make it possible to ask about the status of certificates in real time.
The service is based on the OCSP protocol, which is described in Internet Standard RFC 6960. OCSP is a simple client-server system, where the OCSP client sends a query about a certificate to the OCSP responder (server) and the responder gives confirmation about the certificate, including the validity or invalidity of the certificate and the time the confirmation was given. The response given by the responder is digitally signed.
-
Show Hide The validity confirmation service is based on Online Certificate Status Protocol or OCSP.
This is a simple client-server system, where an OCSP client sends a query about the certificate to the OCSP responder or server. The responder replies to the certificate query with a confirmation containing the time of the confirmation as well as a reply on the validity or invalidity of the certificate. The response given by the OCSP responder is digitally signed.
The OCSP-protocol has been described in more detail in Internet Standard RFC 6960.
