Pop Quiz

Certificate Services (Exam 70-642)

What other method of certificate revocation checking is available in Windows 2008 which alleviates clients from having to download large revocation lists from traditional CRL servers when using Certificate Services?

  1. WINS
  2. OCSP
  3. DHCP
  4. DNS

B. The Online Certificate Status Protocol client is available in Vista, which allows it to contact certificate services OSCP responders running Windows 2008 Certificate Services.

The OCSP responder receives and responds to requests from clients only for the information about a single certificate.

OCSP responders help to ensure the amount of data and time to provide that data is consistent when compared to traditional certificate revocation lists. CRLs often contain expired time and revocation status for X.509, S/MIME, SSL, EFS, and smart card certificates.

Click here to comment on this answer.

Tip: Online responders should be installed on computers running Windows 2008 after the CAs are installed.

Tech Reference: "Certficate Services Overview" (TechNet)

About the Author

Andy Barkl, MCT/MCITP/MCSA, A+, Network+, Security+, CCNA has been studying technology for 30 years. Of the last 15 years, he has spent much of his time parting the knowledge and experience he has gained through IT exams, over 300, to help others be prepared and successful. He teaches classes in Phoenix, Ariz. where he has lived most of his life. He can be reached by e-mail at [email protected].

comments powered by Disqus
Most   Popular