Certificates, such as public key and private key certificates, may be used to provide trusted Internet communications. However, certificates may expire or be revoked. Certain protocols, such as the Online Certificate Status Protocol (OCSP), may be used to obtain certificate status information, such as whether a certificate is valid or has been revoked.
Establishing a Secure Sockets Layer (SSL) connection and validating online certificates adds latency to establishing a connection. The standard approach is to use OCSP as defined, wait for the information used to validate a certificate, and then validate it in real time. This requires the information to be acquired serially, adding one to two round trips to establishing an SSL connection. These extra round trips incur additional latency, which may cause user discomfort.