i don't know what ocspd is
but since LS 2 upgrade I am getting all the time these requests for some variation along these lines:
ocspd wants to connect evintl-ocsp.verisign.com on tcp
here is one image (like I said, it's one variation, but this is usually the common IP Address and reverse dns name) and it's usually either /usr/sbin/ocspd and Process ID 248 or Process ID 241 or tgv.edge-fo.lax2.verisign.com process id 238 ocspd
i always tell it NO because I don't know what this is. I wonder if anybody knows?
also does LS 2 use something called OSAScript that shows up in the Activity Monitor? I don't know what that is either, it's appearing now. Is it related to LS 2?
Thank you
Also: is there some list to find out what all these processes are and what they do and if there is any way to tell if something is sneaky or wrong going on?
thanks again
Objective Development Forums
continually being asked> ocspd wants to connect
6 posts • Page 1 of 1
continually being asked> ocspd wants to connect
by requesting help » Sun Nov 25, 2007 5:28 am
- requesting help
by Guest » Wed Nov 28, 2007 3:59 am
jakaj wrote:oscpd is OK. It's OS X checking the certificate revocation lists for the certificate authorities you have installed.
the certificate authorities I have installed? What certificate authorities? I have no idea what that is much less when/where/how I would have installed it/them....
i keep getting tons of these popups to places like thawte, verisign, starfieldtech - with all different weird IP numbers and even stranger reverse DNS addresses -- if you know, how do i find out more about this and how to know if what's phoning home/out is ok or not okay?
I mean, how does it get installed and why, etc?
thanks for your reply -- (me, obviously not a tech person)
- Guest
by jakaj » Wed Nov 28, 2007 8:01 am
Sorry, I meant it like a description of a state. So, those certs that ARE installed on your machine. So default ones + yours.
Open Keychain Access and select the X509Anchors or System roots keychains (there was only X509Anchors in Tiger. I think System roots is now the new place, but X509Anchors is still kept around (at least for me)).
This is where the certificate authorities' root certificates are installed (I think in leopard you can also put them in your login keychain to be recognized) .
I don't know if you can set CRL (Certificate Revocation List) updating on a per-cert basic, but you can open Preferences, select the Certificates tab and configure it there.
For what exactly is OCSP and CRL, I suggest you ask Wikipedia =)
Open Keychain Access and select the X509Anchors or System roots keychains (there was only X509Anchors in Tiger. I think System roots is now the new place, but X509Anchors is still kept around (at least for me)).
This is where the certificate authorities' root certificates are installed (I think in leopard you can also put them in your login keychain to be recognized) .
I don't know if you can set CRL (Certificate Revocation List) updating on a per-cert basic, but you can open Preferences, select the Certificates tab and configure it there.
For what exactly is OCSP and CRL, I suggest you ask Wikipedia =)
- jakaj
- Posts: 12
- Joined: Mon Nov 26, 2007 3:08 pm
-but thank you -- i think it stopped doing that -
6 posts • Page 1 of 1
Return to Little Snitch General
Who is online
Users browsing this forum: Google [Bot] and 1 guest