The Internet Engineering Task Force (IETF) in RFC 2560 defines OCSP (Online Certificate Status Protocol). The OCSP is an Internet protocol used for obtaining the revocation status of an X.509 Digital Certificate. The Servers using OCSP provides revocation status of requested X.509 Digital Certificates are termed as OCSP Responders. OCSP Responder should install OCSP Responder Certificate from the issuer of the requested Digital Certificate. OCSP Responder Certificate is used to allow OCSP Responder digitally sign the revocation status. When an OCSP-enabled Certificate is presented to a security application, the software checks the certificate to ensure that it is a valid certificate before the associated operation can proceed. This OCSP Certificate contains control information to show whether it is valid or not by accessing a CRL. In various applications such as Banking, e-Commerce and Financial Services, Digital Certificate holders need to check the validity. OCSP helps in achieving the same.

Benefits of using OCSP Responder Certificate :

• Originated from the authentic OCSP Responder
• Was not tampered with during transmission