Network Security
OCSP (Online Certificate Status Protocol)
Also known as: Online Certificate Status Protocol, OCSP stapling
Definition
An HTTP-based protocol that lets a client query a CA's responder in real time to determine whether a specific X.509 certificate is valid, revoked or unknown.
Examples
- A browser issuing an OCSP request to verify the certificate of an online banking site.
- An HTTPS server with OCSP stapling enabled, delivering a fresh signed status during each TLS handshake.
Related terms
Certificate Revocation List (CRL)
A signed, periodically published list of digital certificates that a CA has invalidated before their natural expiry, used by relying parties to detect revoked certs.
X.509 Certificate
A standard structure for a digital certificate that binds a public key to an identity through a signature from a trusted certificate authority.
Certificate Authority (CA)
A trusted entity that issues and signs digital certificates, binding cryptographic public keys to verified identities such as domain names or organisations.
TLS (Transport Layer Security)
Public Key Infrastructure (PKI)
The combined system of policies, software, hardware and trusted authorities used to issue, distribute, validate and revoke digital certificates that bind identities to public keys.
HTTPS