On Tue, May 5, 2015 at 3:06 PM, Hanno Böck <ha...@hboeck.de> wrote: > I haven't used apache 2.2, but isn't OCSP stapling support still > missing there? > > I think if you're already working on backporting important TLS features > that should certainly go with them.
My own line for 2.2 would be drawn somewhere between Yann's proposal and things like OCSP stapling. I think the former is more fundamental/hardening and a better fit for the aging release.
