ocspd performs caching and network fetching of Certificate Revocation Lists (CRLs) and Online Certificate Status Protocol (OCSP) responses. It is used by Security.framework during certificate verification. Security.framework communicates with ocspd via a private RPC interface. When Security.framework determines that a CRL is needed, or that it needs to perform an OCSP transaction, it performs an RPC to ocspd which then examines its cache to see if the appropriate CRL or OCSP response exists and is still valid. If so, that entity is returned to Security.framework. If no entry is found in cache, ocspd obtains it from the network, saving the result in cache before returning it to Security.framework.
In other words, ocspd is part of the Operating System trying to do its job.