As far as I know, OCSP only provides explicit means for requests and responses to be signed ([RFC2560, page 7] for requests, and [RFC2560, page 8] for responses), but it does not make any mention a...

I want to apply web service security according to OWASP Web Service Security. Thereby I stumbled over the two points: Message Integrity Message Confidentiality So far there is just a RESTful se...