Package eu.europa.esig.dss.model.x509.extension

Class OCSPNoCheck

java.lang.Object

eu.europa.esig.dss.model.x509.extension.CertificateExtension

eu.europa.esig.dss.model.x509.extension.OCSPNoCheck

All Implemented Interfaces:

OidBasedEnum, OidDescription, Serializable

public class OCSPNoCheck
extends CertificateExtension

RFC 6960. "4.2.2.2.1. Revocation Checking of an Authorized Responder" A CA may specify that an OCSP client can trust a responder for the lifetime of the responder's certificate. The CA does so by including the extension id-pkix-ocsp-nocheck. This SHOULD be a non-critical extension. The value of the extension SHALL be NULL. CAs issuing such a certificate should realize that a compromise of the responder's key is as serious as the compromise of a CA key used to sign CRLs, at least for the validity period of this certificate. CAs may choose to issue this type of certificate with a very short lifetime and renew it frequently.

See Also:

• Serialized Form

Constructor Summary

Constructors

Constructor	Description
OCSPNoCheck()	Default constructor

Method Summary

Modifier and Type	Method	Description
boolean	isOcspNoCheck()	Returns the ocsp-nocheck extension value, when present
void	setOcspNoCheck(boolean ocspNoCheck)	Sets the ocsp-nocheck extension value

Methods inherited from class eu.europa.esig.dss.model.x509.extension.CertificateExtension

checkCritical, getDescription, getOctets, getOid, isCritical, setOctets

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

OCSPNoCheck

public OCSPNoCheck()

Default constructor

Method Details

isOcspNoCheck

public boolean isOcspNoCheck()

Returns the ocsp-nocheck extension value, when present

Returns:

the ocsp-nocheck extension value, FALSE is not present

setOcspNoCheck

public void setOcspNoCheck(boolean ocspNoCheck)

Sets the ocsp-nocheck extension value

Parameters:

ocspNoCheck - ocsp-nocheck extension value