You will need a certificate from a certificate authority (CA). I've been looking at prices, and IdenTrust seems to be the most reasonable for notaries. You want a document signing certificate, not an email certificate.
Decent certificate authorities provide two methods to notify the world that a certificate has been revoked. One method is a list of revoked certificates, known as a certificate revocation list (CRL). Another method is an online method for asking about the status of an individual certificate, known as the Online Certificate Status Protocol. Both of these methods are taken care of automatically by the software you use to view a digitally signed certificate, such as Adobe Reader or Microsoft Word.*
The Texas Secretary of State attempts to explain this, but gets this wrong, at
https://www.sos.state.tx.us/statdoc/digital.shtml
Here is their nonsense:
"What is OCSP certificate and/or what does the SOS Portal verify?
"The OCSP (Online Certificate Status Protocol) certificate signifies the issuer of the digital certificate has successfully passed the Offensive Security Certificate Professional (OSCP) exam and is an alternative to the Certificate Revocation list (CRL). Our SOS portal ensures the digital certificate provided by applicants is an issuer who has passed the required OSCP exam."
In reality, the Offensive Security Certificate Professional is a security certification. It seems to be issued by an outfit called OffSec (https://www.offsec.com), although their website is a little hard to interpret. It has nothing at all to do with Online Certificate Status Protocol.
You can look at my profile to see the computer security certificates I hold. |
