Hotline

+374 60 464 504

Certificate Revocation List

OCSP and TSA verification services

  • The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of a digital certificate. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). OCSP returns a response about the status of a certificate identufying as 'good', 'revoked', 'on-hold' or 'unknown'.
  • Time Stamp Authority (TSA) service is the process of securely keeping track of the creation and modification time of a document. Security here means that no one — not even the owner of the document — can change it once it has been recorded provided that the timestamper's integrity is never compromised. A timestamp is an encoded information. It identifies a certain event, giving date and time to the document. 

 

  1. OCSP advantages
  2. OCSP contains less information than a CRL without overloading the network.

  3. OCSP response has less data to parse than CRLs.

  4. OCSP discloses that a particular network host used a particular certificate at a particular time.

  5. OCSP does not encrypt data, thus other parties can follow the flow of information.