Which web traffic protection method periodically obtains a time-stamped OCSP response from the certificate authority?

The correct answer is that certificate stapling periodically obtains a time-stamped Online Certificate Status Protocol (OCSP) response from the certificate authority. This method enhances web traffic protection by allowing a web server to provide the OCSP response directly to the client during the SSL/TLS handshake.

In certificate stapling, instead of the client making a separate request to the certificate authority to verify the certificate's validity, the server "staples" the OCSP response to the initial certificate it sends. This not only improves performance by reducing the time and network overhead associated with OCSP queries but also enhances privacy since the client does not have to communicate directly with the certificate authority.

Certificate pinning involves binding a host to its expected public key or certificate, rather than fetching OCSP responses. Strict Transport Security (HSTS) is a web security policy mechanism that helps protect websites against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking but does not deal directly with OCSP responses. A digital signature is a cryptographic method for validating the authenticity and integrity of digital messages or documents, but it does not involve OCSP or the periodic checking of certificate statuses.

Therefore, certificate stapling is specifically designed to improve the efficiency and security of the certificate