Skip to navigation


Overview of Validation Technologies


CoreStreet offers a number of different technologies for performing validation.

Many organizations are finding that traditional validation technologies fail to provide adequate performance and quickly become cost prohibitive. To meet real world requirements, CoreStreet offers a range of validation solutions that work in the most demanding environments. CoreStreet technologies are crucial for scaling from several thousand to hundreds of millions of users and work in connected or disconnected environments. By offering a variety of approaches to validation, CoreStreet provides ultimate flexibility to choose an approach tailored to fit every security situation.

Side-by-side Comparison of Validation Technologies:

  Advantages Disadvantages Optimal # of Users
CRL
  • Easy to manage for small numbers
  • Works with all issued certificates
  • Industry standard
  • Huge bandwidth all the way to the clients
  • Does not scale past 10,000 users for large number of clients
100,000
T-OCSP
  • Small bandwidth between responder and clients
  • Works with all issued certificates
  • Industry standard
  • Requires trusted responders (extremely expensive)
  • Requires digital signing at each transaction (very slow)
  • Does not scale past 100,000 users
  • Loss of security if any responder is compromised
100,000
D-OCSP
  • Small bandwidth between responder and clients
  • No trusted responders required
  • Scales to millions of users
  • Computationally simple (no signing per transaction)
  • Works with all issued certificates
  • Industry standard
  • Bandwidth to responders is larger than with OCSP
10,000,000
MiniCRL
  • Tiny bandwidth between CA and responders
  • Small bandwidth between responder and clients
  • No trusted responders required
  • Scales to hundreds of millions of users
  • Computationally simple (no signing per transaction)
  • Works with all issued certificates
  • Not yet adopted as an industry standard
100,000,000+