continually being asked> ocspd wants to connect

General discussions about Little Snitch
Post Reply
requesting help

continually being asked> ocspd wants to connect

Post by requesting help » Sun Nov 25, 2007 6:28 am

i don't know what ocspd is

but since LS 2 upgrade I am getting all the time these requests for some variation along these lines:

ocspd wants to connect evintl-ocsp.verisign.com on tcp
here is one image (like I said, it's one variation, but this is usually the common IP Address and reverse dns name) and it's usually either /usr/sbin/ocspd and Process ID 248 or Process ID 241 or tgv.edge-fo.lax2.verisign.com process id 238 ocspd

i always tell it NO because I don't know what this is. I wonder if anybody knows?

also does LS 2 use something called OSAScript that shows up in the Activity Monitor? I don't know what that is either, it's appearing now. Is it related to LS 2?

Thank you

Also: is there some list to find out what all these processes are and what they do and if there is any way to tell if something is sneaky or wrong going on?

thanks again

Guest

Post by Guest » Sun Nov 25, 2007 6:33 am

oops forgot the image

Image

jakaj
Posts: 12
Joined: Mon Nov 26, 2007 4:08 pm

Post by jakaj » Mon Nov 26, 2007 4:12 pm

oscpd is OK. It's OS X checking the certificate revocation lists for the certificate authorities you have installed.

Guest

Post by Guest » Wed Nov 28, 2007 4:59 am

jakaj wrote:oscpd is OK. It's OS X checking the certificate revocation lists for the certificate authorities you have installed.


the certificate authorities I have installed? What certificate authorities? I have no idea what that is much less when/where/how I would have installed it/them....

i keep getting tons of these popups to places like thawte, verisign, starfieldtech - with all different weird IP numbers and even stranger reverse DNS addresses -- if you know, how do i find out more about this and how to know if what's phoning home/out is ok or not okay?

I mean, how does it get installed and why, etc?

thanks for your reply -- (me, obviously not a tech person)

jakaj
Posts: 12
Joined: Mon Nov 26, 2007 4:08 pm

Post by jakaj » Wed Nov 28, 2007 9:01 am

Sorry, I meant it like a description of a state. So, those certs that ARE installed on your machine. So default ones + yours.

Open Keychain Access and select the X509Anchors or System roots keychains (there was only X509Anchors in Tiger. I think System roots is now the new place, but X509Anchors is still kept around (at least for me)).

This is where the certificate authorities' root certificates are installed (I think in leopard you can also put them in your login keychain to be recognized) .

I don't know if you can set CRL (Certificate Revocation List) updating on a per-cert basic, but you can open Preferences, select the Certificates tab and configure it there.

For what exactly is OCSP and CRL, I suggest you ask Wikipedia =)

Guest

Post by Guest » Wed Dec 05, 2007 6:03 pm

thanks! i did start reading about those things; i still don't really understand :oops: -but thank you -- i think it stopped doing that -

Post Reply