Re: Broken OCSP Stapling

2017-06-06 Thread Hanno Böck
On Tue, 6 Jun 2017 10:48:44 +0200 Stefan Eissing wrote:
> did you receive any reply on this from a httpd dev?

Unfortunately I haven't received any reply.

> If not, who would be a good contact at Linux Foundation / Core Infra
> to talk to?

I'll answer that in a

Re: Broken OCSP Stapling

2017-06-06 Thread Stefan Eissing
Hanno, did you receive any reply on this from a httpd dev? I am currently about to embark on a project in the OCSP neighbourhood, so I do not have 100% time available right now. But I would be sorry to leave such an opportunity for funded improvement of httpd go to waste... If not, who would

Re: Broken OCSP Stapling

2017-05-31 Thread Hanno Böck
Hi,

On Wed, 31 May 2017 07:45:23 -0500 Jim Riggs wrote:
> This was mentioned in today's Bulletproof TLS newsletter
> (https://www.feistyduck.com/bulletproof-tls-newsletter/issue_28_lets_encrypt_downtime.html):
>
>

Broken OCSP Stapling

2017-05-31 Thread Jim Riggs
It discusses httpd's (and nginx's) broken OCSP stapling implementations. This is outside of my wheelhouse, but wanted to raise awareness for someone familiar with that code who may be interested in taking a look. The post references bz57121 from 2014(!).