An Online Responder is a trusted server that receives and responds to individual client requests for information about the status of a certificate.
The use of Online Responders is one of two common methods for conveying information about the validity of certificates. Unlike certificate revocation lists (CRLs), which are distributed periodically and contain information about all certificates that have been revoked or suspended, an Online Responder receives and responds only to individual requests from clients for information about the status of a certificate. The amount of data retrieved per request remains constant no matter how many revoked certificates there might be.
In many circumstances, using Online Responders is a more efficient way to process certificate status requests than using CRLs. For example:
- Clients connect to the network remotely and either do not need or do not have the high-speed connections required to download large CRLs.
- A network needs to handle large peaks in revocation checking activity, such as when large numbers of users log on or send signed e-mail simultaneously.
- An organization needs an efficient means to distribute revocation data for certificates issued from a non-Microsoft certification authority (CA).
- An organization wants to provide only the revocation checking data needed to verify individual certificate status requests, rather than make available information about all revoked or suspended certificates.
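The size behavior described above, worked through as an added example that is not part of the original page: it DER-encodes the `revokedCertificates` list of a CRL (RFC 5280) and one OCSP `SingleResponse` (RFC 6960) and compares their lengths as the number of revoked certificates grows. Serial numbers, dates and issuer hashes are constructed, and the fixed-size envelope that both formats also carry (issuer name, signature, signer certificate) is left out.

```python
import hashlib

def der(tag: int, content: bytes) -> bytes:
    """Encode one DER tag-length-value with a definite length."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + content

def der_int(value: int) -> bytes:
    # The byte count leaves room for the leading 0x00 DER needs when the top bit is set.
    return der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))

def serial(i: int) -> int:
    """Constructed 16-byte serial number (an assumption about serial length)."""
    return (1 << 120) + i

def crl_revoked_list(count: int) -> bytes:
    """revokedCertificates (RFC 5280): one SEQUENCE per revoked certificate."""
    when = der(0x17, b"240101000000Z")  # UTCTime revocationDate (constructed)
    entries = b"".join(der(0x30, der_int(serial(i)) + when) for i in range(count))
    return der(0x30, entries)

def ocsp_single_response(cert_serial: int, revoked: bool) -> bytes:
    """SingleResponse (RFC 6960): the status of exactly one certificate."""
    sha1 = der(0x30, der(0x06, bytes.fromhex("2b0e03021a")) + der(0x05, b""))
    name_hash = hashlib.sha1(b"constructed issuer name").digest()
    key_hash = hashlib.sha1(b"constructed issuer key").digest()
    cert_id = der(0x30, sha1 + der(0x04, name_hash) + der(0x04, key_hash)
                  + der_int(cert_serial))
    if revoked:
        status = der(0xA1, der(0x18, b"20240101000000Z"))  # [1] RevokedInfo
    else:
        status = der(0x80, b"")                            # [0] good
    this_update = der(0x18, b"20240102000000Z")            # GeneralizedTime
    return der(0x30, cert_id + status + this_update)

def compare(count: int) -> tuple[int, int]:
    """Bytes fetched: (CRL revoked list, OCSP status of one certificate)."""
    return len(crl_revoked_list(count)), len(ocsp_single_response(serial(0), count > 0))

if __name__ == "__main__":
    for count in (10, 1_000, 100_000):
        crl, ocsp = compare(count)
        print(f"{count:>7} revoked: CRL list {crl:>9} bytes, OCSP status {ocsp} bytes")
```

With these constructed values each revoked certificate adds 35 bytes to the CRL, while the per-certificate OCSP status stays at 113 bytes.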