A method and system is presented for configuring a group of OCSP (Online
Certificate Status Protocol) responders so that they are highly
available. Each of the grouped OCSP responders share a common public key.
When responding to an OCSP request, an OCSP responder generates an OCSP
response that is signed with a group digital signature; the certificate
for the common or group public key can be attached to the OCSP response.
An OCSP client uses the group public key to verify the group digital
signature on an OCSP response from any of the OCSP responders. For an
OCSP client, the availability of this group of responders is greater than
the availability of any one member of the group.