Tag: ocsp

Total 6 Posts

OCSP Expect-Staple

OCSP Expect-Staple is a new reporting mechanism to allow site owners to monitor how reliable their OCSP Stapling implementation is. With live feedback coming direct from the browser, you can build confidence before enforcing OCSP stapling with OCSP Must-Staple. Fixing revocation I don't need to talk about how broken revocation…

Continue Reading

OCSP Must-Staple

Revocation checking is broken and has been for some time. Whilst some vendors have sort of worked around this with proprietary solutions, there is little that the smaller sites can do. OCSP must-staple to the rescue! Revocation checking In the early days of the web we had Certificate Revocation Lists,…

Continue Reading