The HTTPS webserver asks the OCSP server for a signed by CA & timestamped message every few hours to validate the certificate serial it is using is still valid (i.e. the certificate has not been revoked by CA).
The HTTPS webserver then provides this extra bit of signed information to the browser during the TLS handshake.
So now the load on the OCSP scales better (by website, not by all web users), has minimal latency impact (just the extra bytes in the handshake), no out-of-band communication from browser to OCSP server is needed at all.
Hopefully when SPDY or HTTP/2.0 is running even the bytes in the handshake can be reduced to nothing by higher reuse of a single TCP connection to multiplex and also if the client has a recent TLS sessionID that is represented to the server. You'd think they can optimize the extra bytes away and speed up the handshake for the 2nd
In the case of PC software though I would expect there to be multiple channels for getting OCSP data and only one channel needs to work to validate firmware/driver is still usable. But I'm sure there are other issues with invalidating important drivers for graphics/network that would be more like a nag screen every day to get you to reinstall driver.