We frequently encounter servers that have misconfigured OCSP stapling setups that cause interop failures and/or cause us to use the fallback to OCSP fetching for expired OCSP responses. We should provide a reference implementation of server-side OCSP stapling that we can point to when we are talking about server-side OCSP stapling issues. Further, we should provide a set of tests that cover the expected behavior of a server with respect to OCSP stapling. I imagine this bug will contain a base set of tests and we'd have follow-up bugs to implement more comprehensive tests.
I don't think we're going to be putting PSM developer resources towards this any time soon.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.