Online Certificate Status Protocol
OCSP lets a client ask a certificate authority in real time whether a specific certificate has been revoked, instead of downloading a full revocation list. OCSP stapling improves on this by letting the web server attach a fresh signed status to the TLS handshake, which is faster and avoids leaking browsing activity to the CA. It is a core part of how browsers decide whether to trust a certificate.