RFC2560: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP1999 RFC
- Authors:
- M. Myers,
- R. Ankney,
- A. Malpani,
- S. Galperin,
- C. Adams
Skip Abstract Section
Abstract
This document specifies a protocol useful in determining the current status of a digital certificate without requiring CRLs. Additional mechanisms addressing PKIX operational requirements are specified in separate documents.
RFC Downloads
ZIP
Cited By
- Khan S, Luo F, Zhang Z, Rahim M, Ahmad M and Wu K (2022). Survey on Issues and Recent Advances in Vehicular Public-Key Infrastructure (VPKI), IEEE Communications Surveys & Tutorials, 24:3, (1574-1601), Online publication date: 1-Jul-2022.
- Wang M, Qian C, Li X, Shi S and Chen S (2021). Collaborative Validation of Public-Key Certificates for IoT by Distributed Caching, IEEE/ACM Transactions on Networking, 29:1, (92-105), Online publication date: 1-Feb-2021.
Khodaei M and Papadimitratos P Efficient, Scalable, and Resilient Vehicle-Centric Certificate Revocation List Distribution in VANETs Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks, (172-183)- Masdari M (2017). Markov chain-based evaluation of the certificate status validations in hybrid MANETs, Journal of Network and Computer Applications, 80:C, (79-89), Online publication date: 15-Feb-2017.
- (2017). Up-to-date key retrieval for information centric networking, Computer Networks: The International Journal of Computer and Telecommunications Networking, 112:C, (1-11), Online publication date: 15-Jan-2017.
- Bhatia T and Verma A (2017). Data security in mobile cloud computing paradigm, The Journal of Supercomputing, 73:6, (2558-2631), Online publication date: 1-Jun-2017.
- Sánchez-García J, García-Campos J, Reina D, Toral S and Barrero F (2016). On-siteDriverID, Future Generation Computer Systems, 64:C, (50-60), Online publication date: 1-Nov-2016.
- Taly A and Shankar A Distributed Authorization in Vanadium Tutorial Lectures on Foundations of Security Analysis and Design VIII - Volume 9808, (139-162)
- Baumeister T and Dong Y (2016). Towards secure identity management for the smart grid, Security and Communication Networks, 9:9, (808-822), Online publication date: 1-Jun-2016.
- Stajano F, Christianson B, Lomas M, Jenkinson G, Payne J, Spencer M and Stafford-Fraser Q Pico Without Public Keys Revised Selected Papers of the 23rd International Workshop on Security Protocols XXIII - Volume 9379, (195-211)
- Masdari M, Jabbehdari S and Bagherzadeh J (2015). Secure publish/subscribe-based certificate status validations in mobile ad hoc networks, Security and Communication Networks, 8:6, (1063-1076), Online publication date: 1-Apr-2015.
- Basin D, Cremers C, Kim T, Perrig A, Sasse R and Szalachowski P ARPKI Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, (382-393)
- Soni A, Keoh S, Kumar S and Garcia-Morchon O HADA Proceedings of the 1st International Symposium on ICS & SCADA Cyber Security Research 2013, (1-11)
- Su L, Lim H, Ling S and Wang H Revocable IBE Systems with Almost Constant-Size Key Update 6th International Conference on Pairing-Based Cryptography --- Pairing 2013 - Volume 8365, (168-185)
- Kim T, Huang L, Perrig A, Jackson C and Gligor V Accountable key infrastructure (AKI) Proceedings of the 22nd international conference on World Wide Web, (679-690)
- Diaz J, Arroyo D and Rodriguez F Anonymity Revocation through Standard Infrastructures Revised Selected Papers of the 9th European Workshop on Public Key Infrastructures, Services and Applications - Volume 7868, (112-127)
- Vigil M, Moecke C, Custódio R and Volkamer M The Notary Based PKI Revised Selected Papers of the 9th European Workshop on Public Key Infrastructures, Services and Applications - Volume 7868, (85-97)
- Braun J, Hülsing A, Wiesmaier A, Vigil M and Buchmann J How to Avoid the Breakdown of Public Key Infrastructures Revised Selected Papers of the 9th European Workshop on Public Key Infrastructures, Services and Applications - Volume 7868, (53-68)
- Zhang N, Lin J, Jing J and Gao N RIKE Proceedings of the 10th international conference on Applied Cryptography and Network Security, (48-65)
- Ray S and Biswas G An ECC based public key infrastructure usable for mobile applications Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology, (562-568)
- Kobsa A, Nithyanand R, Tsudik G and Uzun E Usability of display-equipped RFID tags for security purposes Proceedings of the 16th European conference on Research in computer security, (434-451)
- Dragoni N, Lostal E, Papini D and Fabra J SC2 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security, (32-48)
- Samuel J, Mathewson N, Cappos J and Dingledine R Survivable key compromise in software update systems Proceedings of the 17th ACM conference on Computer and communications security, (61-72)
- Lee A, Minami K and Winslett M (2010). On the consistency of distributed proofs with hidden subtrees, ACM Transactions on Information and System Security, 13:3, (1-32), Online publication date: 1-Jul-2010.
- Chadwick D FileSpace Proceedings of the 8th Symposium on Identity and Trust on the Internet, (94-102)
- Perlner R and Cooper D Quantum resistant public key cryptography Proceedings of the 8th Symposium on Identity and Trust on the Internet, (85-93)
- Roxin A, Dumez C, Cottin N, Gaber J and Wack M TransportML Proceedings of the 3rd international conference on New technologies, mobility and security, (301-306)
- Lim T, Lakshminarayanan A and Saksen V A practical and efficient tree-list structure for public-key certificate validation Proceedings of the 6th international conference on Applied cryptography and network security, (392-410)
- Riaz R, Naureen A, Akram A, Akbar A, Kim K and Farooq Ahmed H (2008). A unified security framework with three key management schemes for wireless sensor networks, Computer Communications, 31:18, (4269-4280), Online publication date: 1-Dec-2008.
- Kaji T, Fujishiro T and Tezuka S (2008). A Proposal of TLS Implementation for Cross Certification Model, IEICE - Transactions on Information and Systems, E91-D:5, (1311-1318), Online publication date: 1-May-2008.
- Walleck D, Li Y and Xu S Empirical Analysis of Certificate Revocation Lists Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security, (159-174)
- Troncoso C, De Cock D and Preneel B Improving secure long-term archival of digitally signed documents Proceedings of the 4th ACM international workshop on Storage security and survivability, (27-36)
- Lee A and Winslett M (2008). Enforcing Safety and Consistency Constraints in Policy-Based Authorization Systems, ACM Transactions on Information and System Security, 12:2, (1-33), Online publication date: 1-Dec-2008.
- Abbadi I and Alawneh M DRM domain authentication using electronic payment systems Proceedings of the 10th international conference on Electronic commerce, (1-10)
- Lee Y, Ahn J, Kim S and Won D A Countermeasure of Fake Root Key Installation Using One-Time Hash Chain Proceedings of the 1st KES International Symposium on Agent and Multi-Agent Systems: Technologies and Applications, (1007-1016)
- Chadwick D and Anthony S Using WebDAV for improved certificate revocation and publication Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice, (265-279)
- Abbadi I Digital rights management using a master control device Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security, (126-141)
- Narasimha M and Tsudik G Privacy-preserving revocation checking with modified CRLs Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice, (18-33)
- Jung E, Elmallah E and Gouda M (2007). Optimal Dispersal of Certificate Chains, IEEE Transactions on Parallel and Distributed Systems, 18:4, (474-484), Online publication date: 1-Apr-2007.
- Lee Y, Lee J and Song J (2007). Design and implementation of wireless PKI technology suitable for mobile phone in mobile-commerce, Computer Communications, 30:4, (893-903), Online publication date: 15-Feb-2007.
- Benjumea V, Choi S, Lopez J and Yung M Anonymity 2.0 - X.509 extensions supporting privacy-friendly authentication Proceedings of the 6th international conference on Cryptology and network security, (265-281)
- Lacoste M, Privat G and Ramparany F Evaluating confidence in context for context-aware security Proceedings of the 2007 European conference on Ambient intelligence, (211-229)
- Yap W, Chow S, Heng S and Goi B Security Mediated Certificateless Signatures Proceedings of the 5th international conference on Applied Cryptography and Network Security, (459-477)
- Abbadi I Authorised domain management using location based services Proceedings of the 4th international conference on mobile technology, applications, and systems and the 1st international symposium on Computer human interaction in mobile technology, (280-287)
- Crampton J, Lim H and Paterson K What can identity-based cryptography offer to web services? Proceedings of the 2007 ACM workshop on Secure web services, (26-36)
- Abbadi I and Mitchell C Digital rights management using a mobile phone Proceedings of the ninth international conference on Electronic commerce, (185-194)
- Lee A, Minami K and Winslett M Lightweight consistency enforcement schemes for distributed proofs with hidden subtrees Proceedings of the 12th ACM symposium on Access control models and technologies, (101-110)
- Vasanta H, Safavi-Naini R, Sheppard N and Surminen J Distributed management of OMA DRM domains Proceedings of the 7th international conference on Information security applications: PartI, (237-251)
- Park N, Kim H, Chung K, Sohn S and Won D XML-signcryption based LBS security protocol acceleration methods in mobile distributed computing Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part V, (251-259)
- Solis J and Tsudik G Simple and flexible revocation checking with privacy Proceedings of the 6th international conference on Privacy Enhancing Technologies, (351-367)
- Kwon T, Cheon J, Kim Y and Lee J Privacy protection in PKIs Proceedings of the 7th international conference on Information security applications: PartI, (297-311)
- Sur C, Yang J and Rhee K A new efficient protocol for authentication and certificate status management in personal area networks Proceedings of the 21st international conference on Computer and Information Sciences, (952-962)
- Sur C and Rhee K An efficient authentication and simplified certificate status management for personal area networks Proceedings of the 9th Asia-Pacific international conference on Network Operations and Management: management of Convergence Networks and Services, (273-282)
- Lakshminarayanan A and Lim T Augmented certificate revocation lists Proceedings of the 11th Australasian conference on Information Security and Privacy, (87-98)
- Zhao M and Smith S Modeling and evaluation of certification path discovery in the emerging global PKI Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice, (16-30)
- Ølnes J and Buene L Use of a validation authority to provide risk management for the PKI relying party Proceedings of the Third European conference on Public Key Infrastructure: theory and Practice, (1-15)
- Hassinen M, Hyppönen K and Haataja K An open, PKI-based mobile payment system Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security, (86-100)
- Hinarejos M and Forné J Revocation scheme for PMI based upon the tracing of certificates chains Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part IV, (1098-1106)
- Lee A and Winslett M Safety and consistency in policy-based authorization systems Proceedings of the 13th ACM conference on Computer and communications security, (124-133)
- Pirretti M, Traynor P, McDaniel P and Waters B Secure attribute-based systems Proceedings of the 13th ACM conference on Computer and communications security, (99-112)
- Blazic A and Sylvester P Provision of long-term archiving service for digitally signed documents using an archive interaction protocol Proceedings of the Second European conference on Public Key Infrastructure, (240-254)
- Lee Y, Kim I, Kim S and Won D A method for detecting the exposure of OCSP responder's session private key in D-OCSP-KIS Proceedings of the Second European conference on Public Key Infrastructure, (215-226)
- Park N, Kim H, Kim S and Won D Open location-based service using secure middleware infrastructure in web services Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II, (1146-1155)
- Li S, Zhou J, Li X and Chen K An authentication protocol for pervasive computing Proceedings of the Third international conference on Parallel and Distributed Processing and Applications, (553-563)
- Li J, Zhu Y, Pan H and Wei D A new public key certificate revocation scheme based on one-way hash chain Proceedings of the 6th international conference on Advances in Web-Age Information Management, (670-675)
- Muñoz J, Forné J, Esparza O and Rey M Efficient certificate revocation system implementation Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business, (119-127)
- Alsaid A and Mitchell C Installing fake root keys in a PC Proceedings of the Second European conference on Public Key Infrastructure, (227-239)
- van Oorschot P and Stubblebine S Countering identity theft through digital uniqueness, location cross-checking, and funneling Proceedings of the 9th international conference on Financial Cryptography and Data Security, (31-43)
- Bicakci K, Crispo B and Tanenbaum A How to incorporate revocation status information into the trust metrics for public-key certification Proceedings of the 2005 ACM symposium on Applied computing, (1594-1598)
- Conrad M, Fuhrmann T, Schöller M and Zitterbart M Secure service signaling and fast authorization in programmable networks Proceedings of the 6th IFIP TC6 international working conference on Active networks, (66-77)
- Yum D and Lee P Separable implicit certificate revocation Proceedings of the 7th international conference on Information Security and Cryptology, (121-136)
- Lim S, Choi J and Zeilenga K Secure and flexible certificate access in WS-security through LDAP component matching Proceedings of the 2004 workshop on Secure web service, (87-96)
- Li H and Wang Y Public-key infrastructure Payment technologies for E-commerce, (39-70)
- Smith T and Ramakrishnan L Joint Policy Management and Auditing in Virtual Organizations Proceedings of the 4th International Workshop on Grid Computing
- Crépeau C and Davis C A certificate revocation scheme for wireless ad hoc networks Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks, (54-61)
- Perrin T Public key distribution through "cryptoIDs" Proceedings of the 2003 workshop on New security paradigms, (87-102)
- Park N, Moon K and Sohn S Certificate validation service using XKMS for computational grid Proceedings of the 2003 ACM workshop on XML security, (112-120)
- Zheng P (2003). Tradeoffs in certificate revocation schemes, ACM SIGCOMM Computer Communication Review, 33:2, (103-112), Online publication date: 1-Apr-2003.
- Kawada E (2002). Authentication Services in Mobile Networks, Wireless Personal Communications: An International Journal, 22:2, (237-243), Online publication date: 1-Aug-2002.
- Levi A and Koç C Reducing certificate revocation cost using NPKI Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge, (51-59)
- Boneh D, Ding X, Tsudik G and Wong C A method for fast revocation of public key certificates and security capabilities Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
- Benantar M (2001). The internet public key infrastructure, IBM Systems Journal, 40:3, (648-665), Online publication date: 1-Mar-2001.
- Kaliski B (2001). An unknown key-share attack on the MQV key agreement protocol, ACM Transactions on Information and System Security, 4:3, (275-288), Online publication date: 1-Aug-2001.
- Dittmann J, Wohlmacher P and Nahrstedt K (2001). Using Cryptographic and Watermarking Algorithms, IEEE MultiMedia, 8:4, (54-65), Online publication date: 1-Oct-2001.
- Wohlmacher P Digital certificates Proceedings of the 2000 ACM workshops on Multimedia, (111-114)
- Iliadis J, Spinellis D, Gritzalis D, Preneel B and Katsikas S Evaluating certificate status information mechanisms Proceedings of the 7th ACM conference on Computer and Communications Security, (1-8)
- Gunter C and Jim T Generalized certificate revocation Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, (316-329)