* We would be grateful for feedback based on implementation experience. In
particular if you have quantitative data on the use or quality of OCSP that’s
more recent than Chung18 [3], that would be very useful.
For what it’s worth, *our* customers want OCSP stapling. (It’s enabled by
default and nobody has turned it off.) Note that if we can’t get an OCSP
response within a time period, we proceed with the handshake anyway. We are the
CDN for many responders. We don’t have metrics on when a response is not
available, nor do we know when such transactions proceeed or close the
connection, sorry. I guess the takeaway is that server owners seem to like
this, regardless of what clients do.
Hope this helps.
/r$
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
