3-Heights⢠PDF Security Shell - PDF Tools AG
3-Heights⢠PDF Security Shell - PDF Tools AG
3-Heights⢠PDF Security Shell - PDF Tools AG
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
3-Heights <strong>PDF</strong> <strong>Security</strong> <strong>Shell</strong>, Version 4.2 Page 24 of 35<br />
July 8, 2013<br />
5.7 Caching of CRLs, OCSP and TSP Reponses<br />
In order to improve the speed when mass signing, the 3-Heights <strong>PDF</strong> <strong>Security</strong> <strong>Shell</strong> provides a caching<br />
algorithm to store CRL (Certificate Revocation List), OCSP (Online Certificate Status Protocol) and TSP<br />
(Time Stamp Protocol). This data is usually valid over period of time that is defined by the provider, which<br />
is normally at least 24 hours. Caching improves the speed, because there are situations when the server<br />
of the provider does not need to be contacted for every digital signature. The following caches are stored<br />
automatically by the 3-Heights <strong>PDF</strong> <strong>Security</strong> <strong>Shell</strong> at the indicated location:<br />
OCSP responses: /temp/ocsp/server-serial.der<br />
CRL:<br />
TSP responses 1 :<br />
/temp/crl/server.der<br />
/temp/tsp/server.der<br />
The caches can be cleared by deleting the files. However, if a file is present it must be valid (i.e. stored by<br />
the caching mechanism).<br />
The files are updated if the current date and time exceeds the “next update” field in the OCSP response or<br />
CRL respectively.<br />
1 TSP responses are not embedded but only used for the computation of the signature length.<br />
<strong>PDF</strong> <strong>Tools</strong> <strong>AG</strong> – Premium <strong>PDF</strong> Technology