aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2012-07-05 20:54:35 +0000
committerlloyd <[email protected]>2012-07-05 20:54:35 +0000
commite2af26e5dc92677f9a9d03f464dd9c5322a73c87 (patch)
treec1c597893a8f765c211dd34960d6dad16ed51268
parent2f94d5c85d3eb05a3d2f83e7783fb8d1bc2d5536 (diff)
A bit more OCSP documentation
-rw-r--r--doc/ocsp.rst11
1 files changed, 8 insertions, 3 deletions
diff --git a/doc/ocsp.rst b/doc/ocsp.rst
index 51486dbc1..6c52cbe50 100644
--- a/doc/ocsp.rst
+++ b/doc/ocsp.rst
@@ -3,7 +3,8 @@ OCSP
A client makes an OCSP request to what is termed an 'OCSP responder'.
This responder returns a signed response attesting that the
-certificate in question has not been revoked.
+certificate in question has not been revoked. One common way of making
+OCSP requests is via HTTP, see :rfc:`2560` Appendix A for details.
.. cpp:class:: OCSP::Request
@@ -12,6 +13,10 @@ certificate in question has not been revoked.
Create a new OCSP request
+ .. cpp:function:: std::vector<byte> BER_encode() const
+
+ Encode the current OCSP request as a binary string.
+
.. cpp:function:: std::string base64_encode() const
Encode the current OCSP request as a base64 string.
@@ -29,6 +34,6 @@ certificate in question has not been revoked.
const X509_Certificate& subject) const
Returns true if and only if this OCSP response is not an error,
- is signed correctly, and the response indicates that *issuer* is
- not currently revoked.
+ is signed correctly, and the response indicates that *subject*
+ is not currently revoked.