… Status of this Memo This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for improvements. Please …

… certificate reliability is essential in order to achieve the security assurances public key
cryptography … [RFC2560]. Note that the OCSP responder does not refer to the party that sends the …

… of the Online Certificate Status Protocol (OCSP) [RFC 2560] for … Internet Engineering Task
Force’s Public Key Infrastructure working group has defined an alternative method of certificate …

… OCSP with a single public key by using key-insulated signature scheme [6]… private key, but
corresponding public key remains fixed, so the client simply obtains and stores one certificate …

… of public key infrastructure (PKI). The most common standard for digital certificates is X.509 …
call backs to CAs No online certificate status checks Certificate expiration within a few days, …

… Public Key Infrastructure (PKI) plays an important role in … essential role in authenticating
the communicating parties. PKI binds public keys to entities, enables other entities to verify key …

… The primary reason for the publication of this document is to address ambiguities that have
been found since the publication of RFC 2560. This document differs from RFC 2560 in only …

… A new on-line method for efficient handling of certificates within Public-Key Infrastructures
(PKIs) is presented. The method is based on a purposely-conceived extension of the One-Way …

… the comparative analysis of Online Certificate Status Protocol (OCSP) [2] and the Certificate
Revocation List (CRL). On the basis of the IKEv2 protocol, Public Key Infrastructure (PKI) …

… The certificate revocation list (CRL) is currently the most widespread implementation mechanism
for certificate revocation within a public-key infrastructure … Note that the RFC 2560 states …