cv act PKIntegrated, the PKI solution of cryptovision, supports OCSP (Online Certificate status protocol) via the additional product cv act ocsp/responder. The cv act ocsp/responder is a gateway that is moved onto the server side in front of the Directory Service and forms a new interface for PKI use (for example the email encryption software). The application must also support the OCSP provided in the client-products of the cv cryptovision.

Up to Date Revocation Information

The procedure to query the validity of a certificate with OCSP is conceivably simple: an OCSP-capable client initially sends an inquiry with a given certificate number over the network to an OCSP-capable server component (OCSP-Responder). Subsequently, the cv act ocsp/responder sends a response back, that indicates whether the given certificate is revoked or not. The sent data only amounts to several hundred bytes, which cannot be compared with the enormous size of a revocation list.

With the cv act ocsp/responder, the OCSP-Responder from cv cryptovision derives the data directly from the Directory Service, in which the PKI solution cv act PKIntegrated is integrated. All revocation information is thereby always up to date.