Hi Gustaf Well, I wouldn't say a strong need right now, but it might become so. It was an issue raised during a security audit, but with a low severity. The recommendation we got was:
"OCSP stapling should be activated on the web or entry server. This causes the server to deliver the certificate status during the SSL handshake. It anonymizes the user, since the server is requesting the certificate status on behalf of the user." Perhaps if we could say that OCSP stapling is on the roadmap, and will be in a future release, that would suffice. Do you think that would be possible? thanks Brian ________________________________ From: Gustaf Neumann <neum...@wu.ac.at> Sent: Wednesday 19 February 2020 19:30 To: naviserver-devel@lists.sourceforge.net <naviserver-devel@lists.sourceforge.net> Subject: Re: [naviserver-devel] Does Naviserver support OCSP stapling? This message's attachments contains at least one web link. This is often used for phishing attempts. Please only interact with this attachment if you know its source and that the content is safe. If in doubt, confirm the legitimacy with the sender by phone. Brian, Current versions of NaviServer have no such option. Are you asking out of curiosity or do you have a strong need for this? -g On 18.02.20 13:25, Brian Fenton wrote: Hi all does Naviserver support OCSP stapling, and if so, how to configure it? https://en.wikipedia.org/wiki/OCSP_stapling thanks Brian
_______________________________________________ naviserver-devel mailing list naviserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/naviserver-devel
