HID Global’s ActivID® Validation Responder is a cost effective solution for scaling a PKI Certificate validation service centered around the ActivID Validation Authority. Each Validation Responder provides a local OSCP service providing real time validation without the overhead of connecting to the centralized service. Organizations deploying the ActivID Validation Responder benefit from increased security and trust by validating certificates at time of usage, without negatively impacting end user experience.

The ActivID Validation Responder, deployed with the ActivID Validation Authority, is ideal for large organizations needing to implement real-time validation services across multiple regional networks. It is also a good fit for government agencies and partner networks participating in a federated Public Key Infrastructure (PKI) comprising multiple Certificate Authorities (CAs), in which each party requires the ability to validate the status and authenticity of others’ credentials.

The unique distributed architecture of the solution eliminates the need for securing individual Validation Responders with their own signing keys. This greatly reduces the cost and complexity typically associated with enterprise-wide PKI deployments. Data compression optimizes network resources and bandwidth and enables the solution to scale to address user populations of millions of certificates with response times that are virtually instantaneous.

The ActivID Validation Responder is available as software, hardware appliance or virtual appliance to best fit your deployment strategy. The appliance form-factor simplifies administration and makes it easy to scale as required.

Key Features

The ActivID Validation Responder enables organizations to scale their PKI validation throughout their network. The solution supports:

• Strong security: PKI validation information is digitally signed to prevent tampering, but requires no cryptography to be performed by the appliance. This eliminates the need to implement costly security measures, allowing the appliance to be optimized for network performance.
• Industry Standards: Fully compliant with the industry OCSP, SCVP and PKI standards, as defined in their respective RFC specifications. It can be used with any standard OCSP and SCVP client.
• Scalability: An effective building block for scaling an OCSP service to only where it is needed, saving IT administration and infrastructure costs.

The ActivID Validation Responder Appliance has the following specifications:

• Appliance Model: Dell PowerEdge R230 rackmount server
• CPU: Intel Xeon E3-1225, 3.3 GHz
• RAM: 4 GB
• Operating System: Debian Linux 7.0
• Height: 1U rack height
• Throughput: Up to 2400 OCSP responses per second
• Warranty: 3-year on-site* hardware warranty (*in countries serviced by Dell)