On 02/20/2017 05:47 PM, Yann Ylavic wrote: > On Mon, Feb 20, 2017 at 5:32 PM, Yann Ylavic <[email protected]> wrote: >> >> First you want it to be Off by default (i.e. verify the OCSP's >> responder certificate when not configured), right? >> Couldn't that break existing configurations since we currently (until >> 2.4.25) do not verify it? > > Oh, we do verify unconditionally currently, that's an opt-out, so > please ignore this part :) >
Many thanks for the reviews. Yes the idea is the behaviour is unchanged if the user doesn't use the new directives. Cheers Jean-Frederic
