On 04/02/2014 01:19 AM, Xuelei Fan wrote:
Here is the updated version: http://cr.openjdk.java.net/~xuelei/8034248/jep-csre-v01.txtUpdated the description section and a few words so that it is easier to understand.
I think the server side would benefit from an API which allows code to directly supply the OCSP response to be stapled, perhaps as part of the extended trust manager.
-- Florian Weimer / Red Hat Product Security Team
