secure2sign supports the validation of certificates used to sign a document through the use of an OCSP caller. If an organisation uses OSCP to validate digital certificates, secure2sign will automatically check the revocation/expiry status of the certificate on signing a document. The advantage of OCSP over the use of CRL lists to check the status of a digital certificate is that OCSP status checking is done in real-time and status is therefore current.

secure2sign also stores  the OCSP client log in the signature, providing a permanent record of the OCSP certificate validation at the tie of signing.