[Bug 69647] New: SSLStaplingReturnResponderErrors Directive Behavior Differs from the Documentation

[bugzilla]

https://bz.apache.org/bugzilla/show_bug.cgi?id=69647

            Bug ID: 69647
           Summary: SSLStaplingReturnResponderErrors Directive Behavior
                    Differs from the Documentation
           Product: Apache httpd-2
           Version: 2.4.62
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
          Assignee: bugs@httpd.apache.org
          Reporter: hirasawa.y...@fujitsu.com
  Target Milestone: ---

The behavior of the SSLStaplingReturnResponderErrors directive differs from the
documentation.
The documentation describes the behavior when this directive is set to off as
follows:

> If set to off, only responses indicating a certificate status of "good" will 
> be included in the TLS handshake.

However, in Apache 2.4.58 and later, even with this directive set to off,
responses indicating a certificate status of "revoked" are included in the TLS
handshake.
This behavior seems to be due to the following fix:

[fix]
https://github.com/apache/httpd/commit/4d617dbeaf481d62298d093deb0bda0637537cd8 

Reading the commit message, it appears that this is the intended behavior.
Therefore, shouldn't the documentation be revised?

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscr...@httpd.apache.org
For additional commands, e-mail: bugs-h...@httpd.apache.org