Lecture 8: Certificate Revocation List (CRL), CRL data structure, Online Certificate Status Protocol (OCSP), structure of OCSP request and response, OCSP response freshness checking (nonce mechanism), revocation checking in browsers, HTTP protocol, sockets in Python
00:00 Introduction
00:28 Certificate validity
03:01 CRL Distribution Points
03:29 Certificate Revocation List (CRL)
05:53 Certificate Chain
10:02 Liability analysis
15:26 Questions (CRL)
15:32 Online Certificate Status Protocol
17:24 Authority Information Access
17:50 OCSP over HTTP
19:16 Request syntax
20:31 Response syntax
22:51 Who signs OCSP responses?
25:15 How can the freshness of a response be checked?
29:51 Revocation checking by browsers
37:03 Questions (OCSP)
37:08 Hypertext Transfer Protocol (HTTP)
41:08 Sockets in Python
44:10 Task: OCSP checker
45:12 Task: OCSP checker
48:10 Task: OCSP checker
49:46 Comments
University of Tartu, MTAT.07.017 Applied Cryptography, Spring 2024
Instructor: Arnis Parsovs
View the complete course: https://courses.cs.ut.ee/2024/appcrypto/spring
