Technical Summary
This document defines a lightweight profile of the Online Certificate
Status Protocol (OCSP) that can be used to allow distributed local
provision of cashed pre-calculated OCSP responses from a central OCSP
server. It is intended that the normative requirements defined in
this profile will be adopted by OCSP clients and OCSP responders
operating in either very large scale (high volume) PKI environments or
environments that need minimize bandwidth or client-side processing
power (or both). This document addresses the scalability issues, and
defines a message profiles for and OCSP client and responder. The
document includes:
1) OCSP response pre-production and distribution;
2) Reduced OCSP message size to lower bandwidth usage; and
3) Response message caching in OCSP responders and clients.
Working Group Summary
The PKIX working group expressed consensus to advance the document as
a standards track RFC.
Protocol Quality
This document has been reviewed by members of the ietf-pkix@imc.org
mailing list and by the PKIX working group chairs.
This document was reviewed by Russ Housley for the IESG.