Jakob Bohm <jb-mozi...@wisemo.com> writes: >2. Find a way to add OCSP responder chosen random data in each OCSP > response.
Responder or requester? You've got the OCSP nonce, although since every (public) CA has disabled it that probably won't help much. OTOH since clients won't be checking the nonce because of this, you might be able to insert a dummy one that'll be ignored by the client. Peter. _______________________________________________ dev-security-policy mailing list email@example.com https://lists.mozilla.org/listinfo/dev-security-policy