public class OCSPNoCheckExtension extends Extension
A CA may specify that an OCSP client can trust a responder for the lifetime of the responder's certificate. The CA does so by including the extension id-pkix-ocsp-nocheck. This SHOULD be a non-critical extension. The value of the extension should be NULL. CAs issuing such a certificate should realize that a compromise of the responder's key is as serious as the compromise of a CA key used to sign CRLs, at least for the validity period of this certificate. CA's may choose to issue this type of certificate with a very short lifetime and renew it frequently.
id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
Extension| Modifier and Type | Field and Description |
|---|---|
static java.lang.String |
NAME |
critical, extensionId, extensionValue| Constructor and Description |
|---|
OCSPNoCheckExtension()
Create a OCSPNoCheckExtension
|
OCSPNoCheckExtension(java.lang.Boolean critical,
java.lang.Object value)
Create the extension from the passed DER encoded value.
|
| Modifier and Type | Method and Description |
|---|---|
java.lang.String |
getName()
Return the name of this extension.
|
encode, encode, equals, getExtensionId, getExtensionValue, getId, getValue, hashCode, isCritical, newExtension, toStringpublic static final java.lang.String NAME
public OCSPNoCheckExtension()
throws java.io.IOException
java.io.IOExceptionpublic OCSPNoCheckExtension(java.lang.Boolean critical,
java.lang.Object value)
throws java.io.IOException
critical - true if the extension is to be treated as critical.value - an array of DER encoded bytes of the actual value.java.io.IOException - on error.