added web

1 files changed, 200 insertions, 0 deletions

diff --git a/manual/html_node/OCSP-status-request.html b/manual/html_node/OCSP-status-request.html
new file mode 100644
index 0000000000..822640c285
--- /dev/null
+++ b/manual/html_node/OCSP-status-request.html
@@ -0,0 +1,200 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+<!-- This manual is last updated 17 November 2012 for version
+3.1.5 of GnuTLS.
+
+Copyright (C) 2001-2012 Free Software Foundation, Inc.
+
+Permission is granted to copy, distribute and/or modify this document
+under the terms of the GNU Free Documentation License, Version 1.3 or
+any later version published by the Free Software Foundation; with no
+Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.  A
+copy of the license is included in the section entitled "GNU Free
+Documentation License". -->
+<!-- Created by GNU Texinfo 4.13.90, http://www.gnu.org/software/texinfo/ -->
+<head>
+<title>GnuTLS 3.1.5: OCSP status request</title>
+
+<meta name="description" content="GnuTLS 3.1.5: OCSP status request">
+<meta name="keywords" content="GnuTLS 3.1.5: OCSP status request">
+<meta name="resource-type" content="document">
+<meta name="distribution" content="global">
+<meta name="Generator" content="makeinfo">
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<link href="index.html#Top" rel="start" title="Top">
+<link href="Function-and-Data-Index.html#Function-and-Data-Index" rel="index" title="Function and Data Index">
+<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents">
+<link href="TLS-Extensions.html#TLS-Extensions" rel="up" title="TLS Extensions">
+<link href="SRTP.html#SRTP" rel="next" title="SRTP">
+<link href="Safe-renegotiation.html#Safe-renegotiation" rel="previous" title="Safe renegotiation">
+<style type="text/css">
+<!--
+a.summary-letter {text-decoration: none}
+blockquote.smallquotation {font-size: smaller}
+div.display {margin-left: 3.2em}
+div.example {margin-left: 3.2em}
+div.indentedblock {margin-left: 3.2em}
+div.lisp {margin-left: 3.2em}
+div.smalldisplay {margin-left: 3.2em}
+div.smallexample {margin-left: 3.2em}
+div.smallindentedblock {margin-left: 3.2em; font-size: smaller}
+div.smalllisp {margin-left: 3.2em}
+kbd {font-style:oblique}
+pre.display {font-family: inherit}
+pre.format {font-family: inherit}
+pre.menu-comment {font-family: serif}
+pre.menu-preformatted {font-family: serif}
+pre.smalldisplay {font-family: inherit; font-size: smaller}
+pre.smallexample {font-size: smaller}
+pre.smallformat {font-family: inherit; font-size: smaller}
+pre.smalllisp {font-size: smaller}
+span.nocodebreak {white-space:nowrap}
+span.nolinebreak {white-space:nowrap}
+span.roman {font-family:serif; font-weight:normal}
+span.sansserif {font-family:sans-serif; font-weight:normal}
+ul.no-bullet {list-style: none}
+body { 
+	margin: 2%;
+	padding: 0 5%;
+	background: #ffffff;
+}
+h1,h2,h3,h4,h5 {
+    font-weight: bold;
+    padding: 5px 5px 5px 5px;
+    background-color: #c2e0ff;
+    color: #336699;
+}
+h1 {
+    padding: 2em 2em 2em 5%;
+    color: white;
+    background: #336699;
+    text-align: center;
+    letter-spacing: 3px;
+}
+h2 { text-decoration: underline; }
+pre {
+  margin: 0 5%;
+  padding: 0.5em;
+}
+pre.example,pre.verbatim {
+  padding-bottom: 1em;
+
+  border: solid #c2e0ff;
+  background: #f0faff;
+  border-width: 1px 1px 1px 5px;
+  margin: 1em auto;
+  width: 90%;
+}
+
+div.node {
+  margin: 0 -5% 0 -2%;
+  padding: 0.5em 0.5em;
+  margin-top: 0.5em;
+  margin-bottom: 0.5em;
+  font-weight: bold;
+}
+dd, li {
+  padding-top: 0.1em;
+  padding-bottom: 0.1em;
+}
+div.float {
+
+  margin-bottom: 0.5em;
+  text-align: center;
+}
+
+table {
+  text-align: left;
+  margin-left:auto;
+  margin-right:auto;
+  width: 50%;
+}
+
+th {
+  padding: 0;
+  color: #336699;
+  background-color: #c2e0ff;
+  border: solid #000000;
+  border-width: 0px;
+  margin: 1em auto;
+  text-align: center;
+  margin-left:auto;
+  margin-right:auto;
+}
+
+td {
+  padding: 0;
+  border: solid #000000;
+  background-color: #f0faff;
+  border-width: 0px;
+  margin: 1em auto;
+  text-align: left;
+  margin-left:auto;
+  margin-right:auto;
+  padding-left: 1em;
+}
+
+dl {
+  text-align: left;
+  margin-left:auto;
+  margin-right:auto;
+  width: 50%;
+
+  padding-left: 1em;
+  border: solid #c2e0ff;
+  background: #f0faff;
+  border-width: 5px 1px 1px 1px;
+  margin: 1em auto;
+}
+
+-->
+</style>
+
+
+</head>
+
+<body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
+<a name="OCSP-status-request"></a>
+<div class="header">
+<p>
+Next: <a href="SRTP.html#SRTP" accesskey="n" rel="next">SRTP</a>, Previous: <a href="Safe-renegotiation.html#Safe-renegotiation" accesskey="p" rel="previous">Safe renegotiation</a>, Up: <a href="TLS-Extensions.html#TLS-Extensions" accesskey="u" rel="up">TLS Extensions</a> &nbsp; [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Function-and-Data-Index.html#Function-and-Data-Index" title="Index" rel="index">Index</a>]</p>
+</div>
+<hr>
+<a name="OCSP-status-request-1"></a>
+<h4 class="subsection">3.6.6 OCSP status request</h4>
+<a name="index-OCSP-status-request"></a>
+<a name="index-Certificate-status-request"></a>
+
+<p>The Online Certificate Status Protocol (OCSP) is a protocol that allows the
+client to verify the server certificate for revocation without messing with
+certificate revocation lists. Its drawback is that it requires the client
+to connect to the server&rsquo;s CA OCSP server and request the status of the
+certificate. This extension however, enables a TLS server to include
+its CA OCSP server response in the handshake. That is an HTTPS server
+may periodically run <code>ocsptool</code> (see <a href="ocsptool-Invocation.html#ocsptool-Invocation">ocsptool Invocation</a>) to obtain
+its certificate revocation status and serve it to the clients. That
+way a client avoids an additional connection to the OCSP server.
+</p>
+<dl compact="compact">
+<dt><code><var>void</var> <a href="Core-TLS-API.html#gnutls_005fcertificate_005fset_005focsp_005fstatus_005frequest_005ffunction">gnutls_certificate_set_ocsp_status_request_function</a> (gnutls_certificate_credentials_t <var>sc</var>, gnutls_status_request_ocsp_func <var>ocsp_func</var>, void * <var>ptr</var>)</code></dt>
+<dt><code><var>int</var> <a href="Core-TLS-API.html#gnutls_005fcertificate_005fset_005focsp_005fstatus_005frequest_005ffile">gnutls_certificate_set_ocsp_status_request_file</a> (gnutls_certificate_credentials_t <var>sc</var>, const char* <var>response_file</var>, unsigned int <var>flags</var>)</code></dt>
+<dt><code><var>int</var> <a href="Core-TLS-API.html#gnutls_005focsp_005fstatus_005frequest_005fenable_005fclient">gnutls_ocsp_status_request_enable_client</a> (gnutls_session_t <var>session</var>, gnutls_datum_t * <var>responder_id</var>, size_t <var>responder_id_size</var>, gnutls_datum_t * <var>extensions</var>)</code></dt>
+<dt><code><var>int</var> <a href="Core-TLS-API.html#gnutls_005focsp_005fstatus_005frequest_005fis_005fchecked">gnutls_ocsp_status_request_is_checked</a> (gnutls_session_t <var>session</var>, unsigned int <var>flags</var>)</code></dt>
+</dl>
+
+<p>A server is required to provide the OCSP server&rsquo;s response using the <a href="Core-TLS-API.html#gnutls_005fcertificate_005fset_005focsp_005fstatus_005frequest_005ffile">gnutls_certificate_set_ocsp_status_request_file</a>.
+The response may be obtained periodically using the following command.
+</p>
+<div class="example">
+<pre class="example">ocsptool --ask --load-cert server_cert.pem --load-issuer the_issuer.pem
+         --load-signer the_issuer.pem --outfile ocsp.response
+</pre></div>
+
+<p>Since version 3.1.3 GnuTLS clients transparently support the certificate status
+request.
+</p>
+
+
+
+</body>
+</html>