The pros and cons of Real Time Credentials X.509 certificate validation system

What is the point of deploying an enterprise digital certificate infrastructure if you can’t readily check the status of certificates being presented to your network?

That’s the question keeping the Reviewmeister up nights, so we decided to test CoreStreet’s Real Time Credentials (RTC) X.509 certificate validation system.

We found that its unique approach works as advertised, but it may be overkill for most enterprises currently using a certificate infrastructure.

The CoreStreet platform provides certificate status services through a network of distributed OCSP responders, which are lightweight servers that contain no sensitive cryptographic information and can be safely distributed throughout an enterprise for high availability and scalability purposes. A central RTC Validation Authority (VA) – built upon the Apache Tomcat Web services platform – retrieves the Certificate Revocation List (CRL) and a list of all issued certificates from the underlying Certificate Authority (CA) and uses this information to generate “proofs”, or pre-built OCSP responses. Then RTC Responders – lightweight appliances distributed around the network – retrieve these proofs from the VA via HTTP and use them to generate the OCSP responses. Security applications that process certificates issue OCSP requests. The application then uses the OCSP response to determine the validity of a certificate. Like we said, it works, but it’s sure complicated.

The RTC VA and each RTC Responder are managed separately through a Web-based GUI. There is no centralized management capability.

In order to tap into the OCSP services offered by CoreStreet, security devices must support SSL, 802.1x, IP Security or some other certificate-aware protocol such as S/MIME, or the digital signature feature of Adobe Acrobat, and be configured to check the status of the certificate.
Not many applications directly support OCSP yet.

Certificate status is updated automatically on a periodic basis configured by the operator in the RTC VA and the RTC Responder. To force immediate change propagation, you have to manually intervene on each component to perform an update.

For the full report, go to https://www.nwfusion.com/reviews/2004/0809rev.html
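
The flow described above, as an added example (not CoreStreet's code and not part of the original review): the VA pre-builds time-bounded proofs, a keyless responder replays them, and the client checks the tag and validity window. Assumptions: an HMAC stands in for the VA's public-key OCSP signature (so here the client shares the VA key), and all names, serial numbers and times are constructed.

```python
import hashlib, hmac, json

# Constructed demo key. Assumption: HMAC stands in for the VA's public-key
# signature, so the client shares this key here; the responder never holds it.
VA_KEY = b"constructed-va-key"

def _tag(body):
    blob = json.dumps(body, sort_keys=True).encode()
    return hmac.new(VA_KEY, blob, hashlib.sha256).hexdigest()

def va_build_proofs(issued, revoked, now, lifetime):
    """VA: turn the CA's issued list and CRL into one pre-built proof per serial."""
    proofs = {}
    for serial in issued:
        body = {"serial": serial,
                "status": "revoked" if serial in revoked else "good",
                "this_update": now, "next_update": now + lifetime}
        proofs[serial] = {"body": body, "tag": _tag(body)}
    return proofs

class Responder:
    """Keyless cache: stores proofs fetched from the VA and replays them."""
    def __init__(self):
        self.cache = {}
    def refresh(self, proofs):      # periodic (or manually forced) pull from the VA
        self.cache = dict(proofs)
    def answer(self, serial):
        return self.cache.get(serial)

def client_check(proof, serial, now):
    """Relying party: verify the tag, the serial and the validity window."""
    if proof is None:
        return "unknown"
    body = proof["body"]
    if not hmac.compare_digest(_tag(body), proof["tag"]):
        return "bad-signature"
    if body["serial"] != serial:
        return "wrong-cert"
    if not body["this_update"] <= now < body["next_update"]:
        return "stale"              # fail closed on an expired proof
    return body["status"]

def demo():
    """Cert 1001 is revoked at the CA after the responder's last refresh."""
    certs, r = ["1001", "1002"], Responder()
    r.refresh(va_build_proofs(certs, set(), now=0, lifetime=3600))
    before = client_check(r.answer("1001"), "1001", now=1000)   # old proof still valid
    r.refresh(va_build_proofs(certs, {"1001"}, now=900, lifetime=3600))
    after = client_check(r.answer("1001"), "1001", now=1800)
    return before, after
```

Between the revocation at the CA and the responder's next refresh, the client still receives `good`; that gap is the propagation delay the review says can only be closed by manually updating each component.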