Policy

Require OCSP at signature generation time

This policy setting lets you determine whether Office 2016 requires OCSP (Online Certificate Status Protocol) revocation data for all digital certificates in a chain when digital signatures are generated. If you enable this policy setting, Office 2016 requires OCSP revocation data for all certificates in a chain when digital signatures are generated. If you disable or do not configure this policy setting, Office 2016 does not set any restrictions on what type of revocation data is to be used.

Policy
Pack Microsoft Office
Category Microsoft Office 2016 / Security Settings / Digital Signatures
Policy ID aa7c5a18eee5
Internal name L_RequireOCSPAtSignatureGenerationTime

Registry

Copy registry mappings

HKCU\software\policies\microsoft\office\16.0\common\signatures\requireocsp (enabled) = 1
HKCU\software\policies\microsoft\office\16.0\common\signatures\requireocsp (disabled) = 0

Policy notes

This policy setting lets you determine whether Office 2016 requires OCSP (Online Certificate Status Protocol) revocation data for all digital certificates in a chain when digital signatures are generated. If you enable this policy setting, Office 2016 requires OCSP revocation data for all certificates in a chain when digital signatures are generated. If you disable or do not configure this policy setting, Office 2016 does not set any restrictions on what type of revocation data is to be used.

Related policies

Check the XAdES portions of a digital signatureConfigure invalid DSA public key sizeConfigure invalid hashing algorithmConfigure invalid RSA public key sizeConfigure legacy DSA public key sizeConfigure legacy hashing algorithmConfigure legacy RSA public key size