Skip to navigation


CoreStreet Validation Authority


Overview

The CoreStreet Validation Authority (VA) is a complete software solution that enables secure, scalable, and reliable digital certificate validation for populations of any size.

Features and Benefits

The CoreStreet Validation Authority is designed to support both traditional and distributed OCSP implementations. CoreStreet developed the distributed OCSP approach to support the needs of large, dispersed organizations. The benefits of this type of deployment include:

  • Security

    VA Responders have no private keys, so require little physical or network protection. These Responders cannot provide false responses even if compromised. In addition, the Validation Authority has received Common Criteria EAL3 certification
  • Scalability

    VA Responders can be rapidly deployed in any location, allowing for scalability to hundreds of remote sites.
  • Availability

    Since VA Responders can be easily replicated in many locations, overall service availability is extremely high with excellent survivability under attack when compared to centralized, trusted topologies.
  • Performance

    VA Responders can be placed close to relying parties allowing extremely low latency for OCSP responses.
  • Cost Effective

    VA pricing allows for unlimited Responder deployment without software fees. In addition, there are no per-transaction costs.
  • Standards Compliance

    While the CoreStreet VA represents a revolutionary approach to certificate validation, it integrates seamlessly with existing PKI components through standards such as X.509, OCSP, and LDAP.
  • Ease of Management

    Since the VA Responders represent stateless, appliance-grade functionality, only the central Validation Authority requires management. The Validation Authority can be configured through a full-featured web interface, command-line tools, or a programmatic API.

Architecture

The CoreStreet Validation Authority (VA) consists of the components described in the following table:

Software Components Description
CoreStreet Validation Authority The Validation Authority is the source of the validation proofs. It distributes lists of public validation proofs to any number of Validation Responders.
VA Responders The VA Responders retrieve lists of validation proofs from one or more Validation Authorities and provide individual certificate validation information to relying party applications through an HTTP-based protocol.
Relying Party (RP) API This API is integrated into relying 3rd party applications. Its purpose is to inspect certificates and validate their associated privileges using validation proofs which are retrieved from Responders.

Each of these components is structured as an extensible set of tools that can be easily integrated into existing infrastructures and business processes. The Validation Authority and Responder products can be deployed as standalone programs whereas the Relying Party API is intended to be integrated into other programs or applications. Standard protocols and formats allow for replacement and/or cross-integration with other commercial products.

Product Information

White papers

Other PKI products

CoreStreet toolkits

For more information