The process of OCSP in iOS

We have confirmed that there is a server certificate revoke check by OCSP in iOS. We have some question about detail of this process.

Q1. There is no request to OCSP Responder from iPhone when My Apps calls SecTrustEvaluate what using policy kSecRevokationOCSPMethod while

executing URLSession:didReceiveChallenge on iPhone.

Is it because of I got the answer form “the caches” which has been saved in iPhone before ?

Q2. If Q1 is Yes , Could you tell me the timing of accessing to OCSP Responder in iOS?

(Is it related to the App, or it is automatic updating in iOS?)

Q3. If Q1 is Yes, How does it determine the expiration date of its caches?

(Is there any information about next Update in the response from OCSP ?)

Q4.When the iOS application using the UIWebview performs HTTPS access, In the case of redirect server is revoked ,does application check the OCSP responder whether it has been revoked or not

Evaluation Environmnet






only Wifi access (without using SIM)