| 翻訳と辞書 |
Online Certificate Status Protocol
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 6960 and is on the Internet standards track. It was created as an alternative to certificate revocation lists (CRL), specifically addressing certain problems associated with using CRLs in a public key infrastructure (PKI). Messages communicated via OCSP are encoded in ASN.1 and are usually communicated over HTTP. The "request/response" nature of these messages leads to OCSP servers being termed ''OCSP responders''.
==Comparison to CRLs==
* Since an OCSP response contains less information than a typical certificate revocation list (CRL), it puts less burden on network and client resources.
* Since an OCSP response has less data to parse, the client-side libraries that handle it can be less complex than those that handle CRLs.
* OCSP discloses to the responder that a particular network host used a particular certificate at a particular time. OCSP does not mandate encryption, so other parties may intercept this information.〔
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』
■ウィキペディアで「Online Certificate Status Protocol」の詳細全文を読む
スポンサード リンク
| 翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|