While I have only skimmed the patch so far and need more review before I can comment on it, I do have a question on the expected use of OCSP support in postgres. With OCSP becoming optional [0], and big providers like Let's Encrypt deprecating OCSP [1], is this mainly targeting organizations running their own CA with in-house OCSP?
-- Daniel Gustafsson [0] https://lists.cabforum.org/pipermail/servercert-wg/2023-September/003998.html [1] https://letsencrypt.org/2024/07/23/replacing-ocsp-with-crls.html
