Online Certificate Status Protocol

Description

The Online Certificate Status Protocol (OCSP) is an IETF standard (RFC 6960) adopted within 3GPP specifications to provide real-time validation of the revocation status of public key certificates. In a Public Key Infrastructure (PKI), certificates can be revoked before their expiration date due to private key compromise or other issues. OCSP provides a more efficient and timely alternative to traditional Certificate Revocation Lists (CRLs). The protocol operates in a client-server model: an OCSP client (known as a requester) sends a status request for a specific certificate to an OCSP responder (server). The responder, which is typically operated by the Certificate Authority (CA) or a delegated entity, checks its revocation database and returns a digitally signed response indicating the certificate's status: 'good', 'revoked', or 'unknown'.

Within 3GPP architectures, OCSP is integrated into various security frameworks. For example, in the Generic Bootstrapping Architecture (GBA), OCSP can be used by network application functions (NAFs) or the Bootstrapping Server Function (BSF) to validate the certificates presented by user equipment (UE) or other network elements. The protocol messages are typically carried over HTTP. An OCSP request contains an identifier for the certificate in question (often a hash of its serial number and issuer name). The OCSP response is signed by the responder's key, and the client must validate this signature using a trusted responder certificate. 3GPP profiles the use of OCSP, specifying mandatory certificate extensions, acceptable cryptographic algorithms, and requirements for response caching to reduce load on the responder.

Its role is critical for maintaining the trust chain in 3GPP security systems that rely on PKI, such as for securing interfaces in 5G Service-Based Architecture (SBA), for authentication in IoT scenarios using credentials like SUCI/SUPI, and for validating certificates in multimedia subsystems. By enabling immediate revocation checking, OCSP mitigates the risk of relying on a compromised certificate, which is a significant security threat. It is a foundational component for dynamic trust management in modern, automated mobile networks.

Purpose & Motivation

OCSP was integrated into 3GPP standards to address the limitations of Certificate Revocation Lists (CRLs) in dynamic mobile environments. CRLs are periodically published lists of all revoked certificates, which clients must download and process. This model has significant drawbacks: it introduces latency (as clients may be using stale lists), consumes bandwidth (especially for large lists), and does not scale well for devices with limited resources. In fast-paced mobile networks where devices roam and services are instantiated on-demand, a near-real-time revocation check is often necessary.

The protocol solves the problem of timely and efficient certificate status validation. It allows a network entity to query the status of a single certificate at the exact moment a trust decision is needed, providing much fresher information than a CRL. This is crucial for security-sensitive operations like initial network access authentication, establishing secure tunnels, or validating software updates. Its adoption in 3GPP was motivated by the increasing reliance on PKI for network function authentication in all-IP architectures (like IMS and 5G SBA) and for securing IoT device credentials. OCSP provides the agility required for automated, zero-touch provisioning and operation in these complex ecosystems, where the security state can change rapidly.

Key Features

• Real-time querying of individual certificate revocation status.
• Returns signed responses: good, revoked, or unknown.
• Reduces bandwidth and latency compared to full CRL downloads.
• Supports response caching with defined freshness (nextUpdate field).
• Integrated into 3GPP security architectures like GBA and SBA.
• Uses HTTP/HTTPS as a transport for protocol messages.

Evolution Across Releases

Defining Specifications