Using OCSP in NIST 800-131a compliance mode
The Online Certificate Status Protocol (OCSP) is a set of ASN.1 defined data structures for requesting and receiving information about certificate revocation status. These data structures can be sent and received by many transport protocols. If HTTP is used and an OCSP client sends questions and processes responses, the OCSP responder answers questions and generates responses. For NIST 800-131a compliance, only a NIST 800-131a compliant certificate can be used for creating an OCSP request. If a non-compliant certificate is used, the communication fails and no OCSP request is created.