On Thu, Apr 10, 2014 at 02:31:29PM -0400, Jon DeVree wrote: > > OCSP is still alive and kicking, but it has some pretty notable issues > regarding how easy it is to make it soft-fail: > https://www.imperialviolet.org/2012/02/05/crlsets.html
Which is why I think we should really work on getting the majority of the servers to do OCSP stapling. Kurt _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
