Closed Bug 1129566 Opened 10 years ago Closed 9 years ago

Provide a reference implementation of server-side OCSP stapling

Tracking

()

Status:

RESOLVED WONTFIX

People

(Reporter: briansmith, Unassigned)

References

(Depends on 2 open bugs)

Details

(Keywords: helpwanted)

Brian Smith (:briansmith, :bsmith, use NEEDINFO?)

Reporter

Description

•

10 years ago

We frequently encounter servers that have misconfigured OCSP stapling setups that cause interop failures and/or cause us to use the fallback to OCSP fetching for expired OCSP responses. We should provide a reference implementation of server-side OCSP stapling that we can point to when we are talking about server-side OCSP stapling issues. Further, we should provide a set of tests that cover the expected behavior of a server with respect to OCSP stapling. I imagine this bug will contain a base set of tests and we'd have follow-up bugs to implement more comprehensive tests.

Dana Keeler (she/her) (use needinfo) [:keeler]

Comment 1

•

9 years ago

I don't think we're going to be putting PSM developer resources towards this any time soon.

Status: NEW → RESOLVED

Closed: 9 years ago

Resolution: --- → WONTFIX

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Provide a reference implementation of server-side OCSP stapling

Categories

(Core :: Security: PSM, defect)

Tracking

()

People

(Reporter: briansmith, Unassigned)

References

(Depends on 2 open bugs)

Details

(Keywords: helpwanted)

Crash Data

Security

(public)

User Story

Description

Comment 1