![]() A client validating a certificate transmits the certificate serial number, a hash of the issuer name, and a hash of the subject name, to that OCSP server. A CA certificate contains a reference to an OCSP server. The Online Certificate Status Protocol (OCSP) was designed with the goal of reducing the costs of CRL transmission and eliminating the time lag between certificate invalidity and certificate revocation inherent in CRL-based designs. Terence Spies, in Computer and Information Security Handbook, 2009 Online Certificate Status Protocol
0 Comments
Leave a Reply. |