February 5, 2002
Practical Aspects of Modern Cryptography
Online Status Checking
- OCSP: Online Certificate Status Protocol
- A way to ask “is this certificate good right now?”
- Get back a signed response from the OCSP server saying, “Yes, cert C is good at time t”
- Response is like a “freshness certificate”
- OCSP response is like a selective CRL
- Client indicates the certs for which he wants status information
- OCSP responder dynamically creates a lightweight CRL-like response for those certs
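
The exchange above as a simplified model, added here as an illustration and not taken from the lecture: the client names the serials it cares about, the responder signs a status list for only those serials at time t, and the client checks signature, freshness and coverage. The JSON message format, the names `responder`, `client_check`, `REVOKED` and `MAX_AGE`, and the toy textbook-RSA key standing in for the responder's real signature are all assumptions; real OCSP uses ASN.1 messages and a full-strength signing key.

```python
import hashlib, json

# Toy textbook-RSA key for the hypothetical responder (two Mersenne primes).
# Far too small and unpadded for real use; it only stands in for the signature.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # responder's private exponent

REVOKED = {1002}                    # constructed revocation database
MAX_AGE = 300                       # assumed client policy: seconds a response stays fresh

def _digest(body):
    """Hash the canonical JSON form of the response body into an integer below N."""
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def responder(serials, now):
    """Build a signed, CRL-like status list for only the requested serials."""
    body = {"produced_at": now,
            "status": {str(s): "revoked" if s in REVOKED else "good" for s in serials}}
    return {"body": body, "sig": pow(_digest(body), D, N)}

def client_check(resp, serial, now):
    """Return the signed status only if signature, freshness and coverage all hold."""
    body = resp["body"]
    if pow(resp["sig"], E, N) != _digest(body):      # verify with the public key (E, N)
        return "bad-signature"
    if not 0 <= now - body["produced_at"] <= MAX_AGE:
        return "stale"                                # old "good" answers are not accepted
    return body["status"].get(str(serial), "not-covered")
```
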