Cisco CloudCenter: Get the Hybrid IT Advantage

Online Certificate Status Protocol (OCSP)

Definition - What does Online Certificate Status Protocol (OCSP) mean?

An online certificate status protocol (OCSP) is one of the two protocols aside from certificate revocation lists (CRL) for maintaining the security of servers and other network resources. It is used for getting an X.509 digital certificate’s revocation status. The messages transmitted via OCSP over HTTP are encoded in ASN.1, which is a set of notations that describe rules and structures in telecommunications and networking. The OCSP servers are called OCSP responders because of the request/response nature of the transmission between them and the client. OCSP was actually created as an alternative for CRL to address certain problems regarding the use of CRLs in public key infrastructure (PKI).

Techopedia explains Online Certificate Status Protocol (OCSP)

OCSP has many advantages over CRL. It overcomes CRL’s prime limitation: the fact that frequent downloads are required to keep things current at the client’s side. OCSP also uses very few network resources because it contains less information than a CRL. Clients do not need to parse CRLs when using OCSP, which benefits end users by reducing complexity, but this is balanced by the need to sustain a cache. OCSP does not need to be encrypted, so when it discloses information about a particular node using some form of certificate to the responder, this information could be intercepted by third parties.

In the event that a user attempts to access a server, the OCSP responder replies with a request for their certificate status information. The server the user is accessing then responds with the certificate status, which may be "current," "expired" or even "unknown." From there, the protocol chooses a specific syntax for the communication between the server and the client application.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.