Simple Direct OCSP and SCVP (DPV) Deployment

The following figure illustrates how Validation Authority can be integrated into a simple deployment to offer Direct OCSP and SCVP (DPV) services.

Functional Architecture for a Simple SCVP (DPV) deployment

• Validation Authority responds to direct OCSP requests coming from relying party applications. Validation Authority also computes certification paths and status information and services DPV requests from relying party applications. Each response is digitally signed by Validation Authority.

• Relying party applications query the Authority’s Direct SCVP Interface for validity status information about a certificate. The Authority returns a “Valid” or “Not Valid” status to the relying party.

• Relying party applications grant or deny a subscriber's service request based on the response received from the Authority, but only after validating the Authority’s signature on the SCVP response.