Hello ? was the nonce parameter fixed in 5.5.8
-----Original Message----- From: Users <[email protected]> On Behalf Of Tobias Brunner Sent: Monday, November 25, 2019 4:36 AM To: Modster, Anthony <[email protected]>; [email protected]; Andreas Steffen <[email protected]> Cc: Amare, Mesfin <[email protected]> Subject: Re: [strongSwan] OCSP nonce parameter ---External Email--- Hi Anthony, > Our security department is insisting that strongswan validate the nonce > parameter when received. > > Is there a way strongswan can accommodate this request. I pushed some changes to that effect to the ocsp-nonce branch [1]. > If not we need a way to disable OCSP. You can do so via charon.plugins.revocation.enable_ocsp. Regards, Tobias [1] https://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/ocsp-nonce
