OID value: 1.3.6.1.5.5.7.48.1.5
OID description:
4.2.2.2.1 Revocation Checking of an Authorized Responder
Since an Authorized OCSP responder provides status information for
one or more CAs, OCSP clients need to know how to check that an
authorized responder's certificate has not been revoked. CAs may
choose to deal with this problem in one of three ways:
- A CA may specify that an OCSP client can trust a responder for the
lifetime of the responder's certificate. The CA does so by including
the extension id-pkix-ocsp-nocheck. This SHOULD be a non-critical
extension. The value of the extension should be NULL. CAs issuing
such a certificate should realized that a compromise of the
responder's key, is as serious as the compromise of a CA key used to
sign CRLs, at least for the validity period of this certificate. CA's
may choose to issue this type of certificate with a very short
lifetime and renew it frequently.
id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
URL for further info: http://www.ietf.org/rfc/rfc2560.txt?number=2560
See also the OID Repository website reference for 1.3.6.1.5.5.7.48.1.5