[...] A lot of OCSP servers have been incorrectly (and that includes Verisign's). [...]
A significatn problem with Verisign is that some time ago, they were including the OCSP extension for some people who had not paid for OCSP, so the responder would refuse to tell the state of the cert.
Unfortunately Mozilla would then refuse to connect to the site, which made OCSP quite unusable.
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
