HID Global’s ActivID® Validation Responder is a cost effective solution for scaling a PKI Certificate validation service centered around ActivID Validation Authority. Each Validation Responder provides a local OSCP service providing real time validation without the overhead of connecting to the centralized service. Organizations deploying the ActivID Validation Responder benefit from increased security and trust by validating certificates at time of usage, without slowing down the end user experience.
ActivID Validation Responder, deployed with the ActivID Validation Authority, is ideal for large organizations needing to implement real-time validation services across multiple regional networks. It is also a good fit for government agencies and partner networks participating in a federated Public Key Infrastructure (PKI) comprising multiple Certificate Authorities (CAs), in which each party requires the ability to validate the status and authenticity of external credentials.
The unique distributed architecture of the solution eliminates the need for securing individual Validation Responders with their own signing keys. This greatly reduces the cost and complexity typically associated with enterprise-wide PKI deployments. Data compression optimizes network resources and bandwidth and enables the solution to scale to address user populations of millions of certificates with response times that are virtually instantaneous.
The ActivID Validation Responder is available as software, a hardware appliance or virtual appliance to best fit your deployment strategy.
Key Features
The ActivID Validation Responder enables organizations to scale their PKI validation throughout their network. The solution supports:
- Strong security: PKI validation information is digitally signed to prevent tampering, but requires no cryptography to be performed by the responder. This eliminates the need to implement costly security measures, allowing the responder to be optimized for network performance.
- Industry Standards: Full compliance with industry OCSP, SCVP and PKI standards is met, as defined in their respective RFC specifications. The solution can be used with any standard OCSP and SCVP client.
- Scalability: Easily deploy more Validation Responders in your deployment to scale the OCSP service to where it is needed.
Specifications
The ActivID Validation Responder supports the following environments:
- Software Version: Microsoft Windows Server® 2012, 2012 R2 and 2016 (64-bit), Red Hat® Enterprise Linux v6.x and 7.x (64-bit).
- Virtual Appliance: VMware virtualization environment; Debian Linux 9.0 operating system.