bugzilla.mozilla.org has resumed normal operation. Attachments prior to 2014 will be unavailable for a few days. This is tracked in Bug 1475801.
Please report any other irregularities here.

Provide a reference implementation of server-side OCSP stapling

RESOLVED WONTFIX

Status

()

Core
Security: PSM
RESOLVED WONTFIX
4 years ago
2 years ago

People

(Reporter: briansmith, Unassigned)

Tracking

(Depends on: 2 bugs, {helpwanted})

Trunk
helpwanted
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

We frequently encounter servers that have misconfigured OCSP stapling setups that cause interop failures and/or cause us to use the fallback to OCSP fetching for expired OCSP responses. We should provide a reference implementation of server-side OCSP stapling that we can point to when we are talking about server-side OCSP stapling issues.

Further, we should provide a set of tests that cover the expected behavior of a server with respect to OCSP stapling. I imagine this bug will contain a base set of tests and we'd have follow-up bugs to implement more comprehensive tests.
I don't think we're going to be putting PSM developer resources towards this any time soon.
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.