We are independent & ad-supported. We may earn a commission for purchases made through our links.
WiseGeek

Advertiser Disclosure

Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.

How We Make Money

We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently from our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Technology

What is Online Certificate Security Protocol?

By Carol Francois
Updated Feb 24, 2024
Our promise to you
WiseGeek is dedicated to creating trustworthy, high-quality content that always prioritizes transparency, integrity, and inclusivity above all else. Our ensure that our content creation and review process includes rigorous fact-checking, evidence-based, and continual updates to ensure accuracy and reliability.

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

Editorial Standards

At WiseGeek, we are committed to creating content that you can trust. Our editorial process is designed to ensure that every piece of content we publish is accurate, reliable, and informative.

Our team of experienced writers and editors follows a strict set of guidelines to ensure the highest quality content. We conduct thorough research, fact-check all information, and rely on credible sources to back up our claims. Our content is reviewed by subject matter experts to ensure accuracy and clarity.

We believe in transparency and maintain editorial independence from our advertisers. Our team does not receive direct compensation from advertisers, allowing us to create unbiased content that prioritizes your interests.

The online certificate security protocol are the standards upon which certificate issuing and authentication applications are built. The protocol states exactly what information must be provided to give the certificate status and identify the originating server.

When a server attempts to connect to a secured computer, there is an exchange of certificates. In order for the certificate to be authenticated, there is a standard set of information that must be exchanged and verified. The online certificate security protocol states what this information is and the format it must be transmitted in. Each transmission must include the protocol version, server request and target certificate identifier. There are also optional extensions that can be accepted by the online certificate security protocol responder.

When the online certificate security protocol responder receives the request, it checks if the message is formatted properly, that the servers being requested are available from the responder and if the required information is included. If not then an error message is sent to the originator.

The protocol provides the minimum standards, and includes the details of all the possible responses. All responses from accepted certificates must have one of the following; a signature from the originating certificate authority, a trusted third party or a certificate authenticator designated responder who is duly authorized to process these requests.

The online certificate security protocol can be compared to the locksmith industry. Although there are a wide range of lock companies, key companies and security options, there are base functions that are consistent across the industry, accepted standards form the basis for these agreements.

A positive response message has the response version, responder name, included responses, any optional extensions, algorithm signature and the signature calculated along the hash of the response. In the response, the certificate status is included and there are three options; good, revoked and unknown.

It is the responsibility of the online certificate security protocol client to confirm a signed response is valid, the signatory matches the recipient, the signatory is authorized the time of the status update is recent and the certificate received matches the one requested.

The rules of online certificate security protocol as an accepted standard format were created in June 1999, as part of a larger attempt to create a framework surrounding the management of certificates. The protocol was developed by the Network Working Group, with representatives from VeriSign, CertCo, ValiCert, My CFO and Entrust Technologies.

Each security certificate issuer has signed acceptance of this protocol and builds additional features into their competing product offerings, while maintaining the required infrastructures. It is the cooperation of these competing firms to create and comply with a standard practice that have allowed this industry to gain wide acceptance.

The online certificate security protocol covers a wide range of topics, including allowed responses from the certificate authentication program, required syntax, the development of standard error messages, archiving guidelines and how to manage security considerations and appropriate responses.

WiseGeek is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
See our Editorial Process Share Feedback

Discussion Comments

WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.

WiseGeek, in your inbox

Our latest articles, guides, and more, delivered daily.