responder
Click on the red underlined text to get to the source
... OCSP Content" identifies zero or more trusted
OCSP responders and is a request for inclusion of an OCSP response in
the IKEv2 ...
... RFC2560].
Note that the OCSP responder does not refer to the party that
sends the CERT message.
...
...
(c) a CA Designated Responder (Authorized Responder) who holds a
specially marked certificate ...
... (c) a CA Designated Responder (Authorized Responder) who holds a
specially marked certificate issued directly by the CA ...
... certificate issued directly by the CA,
indicating that the responder may issue OCSP responses for that
CA ...
... OCSP response is signed by the CA
Designated Responder whereby the sender of the CERTREQ message does
...
... a CERTREQ message will identify one or more OCSP responders trusted
by the sender in case of (b).
...
...
Where it is useful to identify more than one trusted OCSP responder,
each such identification SHALL be concatenated in a manner identical
to the method ...
... IKEv2 message examples with both
peers, the initiator and the responder, using public key based
authentication ...
... payload identifying
zero or more OCSP responders trusted by the Responder. In response,
Initiator ...
... zero or more OCSP responders trusted by the Responder. In response,
Initiator sends in (3) both a CERT ...
... certificate.
It is important to note that in this scenario, the Responder in (2)
does not yet possess the Initiator's certificate ...
... OCSP in this scenario
that the Initiator has certain knowledge that the Responder is
capable of and willing to participate in the extension. Yet the
Responder ...
... Responder is
capable of and willing to participate in the extension. Yet the
Responder will only trust one or more OCSP responder ...
... Responder will only trust one or more OCSP responder signatures.
These factors motivate the definition of OCSP ...