OCSP (Online Certificate Status Protocol) is one of two common schemes for determining the revocation status of a cryptographic certificate. The other method, which OCSP has superseded in some scenarios, is known as Certificate Revocation List (CRL). Enables applications to determine the (revocation) state of an identified certificate in real-time. OCSP may be used to satisfy some of the operational requirements of providing more timely revocation information than is possible with CRLs and may also be used to obtain additional status information. An OCSP client issues a status request to an OCSP responder and suspends acceptance of the certificate in question until the responder provides a response. This protocol specifies the data that needs to be exchanged between an application checking the status of a certificate and the server providing that status.
Relevant NENA Documents