On Tue, 6 Jun 2017 10:48:44 +0200
Stefan Eissing wrote:
> did you receive any reply on this from a httpd dev?
Unfortunately I haven't received any reply.
> If not, who would be a good contact at Linux Foundation / Core Infra
> to talk to?
I'll answer that in a private mail, don't want to give
Hanno,
did you receive any reply on this from a httpd dev? I am currently about to
embark on a project in the OCSP neighbourhood, so I do not have 100% time
available right now. But I would be sorry to leave such an opportunity for
funded improvement of httpd go to waste...
If not, who would b
Hi,
On Wed, 31 May 2017 07:45:23 -0500
Jim Riggs wrote:
> This was mentioned in today's Bulletproof TLS newsletter
> (https://www.feistyduck.com/bulletproof-tls-newsletter/issue_28_lets_encrypt_downtime.html):
>
> https://blog.hboeck.de/archives/886-The-Problem-with-OCSP-Stapling-and-Must-Stapl
l
It discusses httpd's (and nginx's) broken OCSP stapling implementations. This
is outside of my wheelhouse, but wanted to raise awareness for someone familiar
with that code who may be interested in taking a look. The post references
bz57121 from 2014(!).