I was experimenting with an add-on in Firefox that monitors HTTP responses and HTTP requests. While doing a standard Google search I noticed a request to clients1.google.com, specifically to the http://clients1.google.com/ocsp URL:
The request is of the “application/ocsp-request” type. OCSP is an acronym for Online Certificate Status Protocol and it is a protocol used for getting the revocation status of a digital certificate.
And that’s probably what the connection is about: Checking the revocation status for some certificate, probably Google’s HTTPS certificate since I was doing a Google https:// search. I have not bothered to decode the OCSP request to see in detail what information Firefox requests. Please let me know what you find out if you dig deeper into the clients1.google.com communication.
Thanks for reading!