Cryptolog OCSP responder
Cryptolog OCSP Responder adds a certificate validation functionality to Cryptolog Identity or any other standards-compliant Public Key Infrastructure (PKI). It does away with the need to regularly run through long lists of revoked certificates (lists that may even be out-of-date) by simply performing a real-time check of an individual certificate's validity as and when you need it.
Key benefits of Cryptolog OCSP Responder
Cryptolog OCSP Responder lets you check whether a digital certificate is still valid -- right when you need to know.
This information is critical for:
- Digital signatures: Cryptolog OCSP Responder checks that a certificate corresponding to a signed document is valid at the exact time of signature.
- Strong authentication: Cryptolog OCSP Responder confirms that a digital certificate is valid before allowing access to confidential data.
As well as ensuring that information is fully up-to-date, checking validity "just in time" also greatly reduces network traffic and frees up bandwidth.
Technical specifications
Cryptolog OCSP Responder is a server-based tool, written in Java, that can be used instead of a Certificate Revocation List (CRL) to check the validity of a digital certificate in real-time.
Cryptolog OCSP Responder supports the following systems and standards.
| Server OS Platforms | Windows 2000 Server or later, Linux, *BSD, Sun Solaris, all UNIX/POSIX platforms |
| Certificates/CRL | X509v3, CRLv2 (X509v1 compatible; RFC 3279 and RFC 3280 compatible; manages all standard extensions, plus proprietary extensions) |