Uploaded image for project: 'Ruby Driver'
  1. Ruby Driver
  2. RUBY-2093

Non-stapled OCSP Support

XMLWordPrintableJSON

    • Done
    • OCSP Support
    • Hide

      Engineer: Oleg Pudeyev
      Summary: Implement OCSP support in Ruby driver. There is currently no support for OCSP stapling in Ruby openssl extension (https://github.com/ruby/openssl/issues/295), therefore we may either implement that support and contribute it upstream or omit OCSP stapling from the Ruby driver.

      2020-09-08: Maintaining target date of 2020-09-11 (3 weeks)

      • Oleg has added OCSP configurations to Evergreen.
      • To wrap up this epic, goals for this week are to implement redirect handling for OCSP endpoints, fix OCSP implementation on Ruby 2.3 and JRuby, and implement OCSP response cache.

      2020-08-25: Setting initial target date of 2020-09-11 (3 weeks)

      • So far Oleg has completed the initial implementation of OCSP endpoint checking and unit tests.
      • In the coming weeks he will work on HTTP redirect support for endpoint checking, Evergreen tests, OCSP stapling implementation in Ruby OpenSSL bindings, stapling verification in the driver, and tests for stapling.
      Show
      Engineer: Oleg Pudeyev Summary: Implement OCSP support in Ruby driver. There is currently no support for OCSP stapling in Ruby openssl extension ( https://github.com/ruby/openssl/issues/295 ), therefore we may either implement that support and contribute it upstream or omit OCSP stapling from the Ruby driver. 2020-09-08: Maintaining target date of 2020-09-11 (3 weeks) Oleg has added OCSP configurations to Evergreen. To wrap up this epic, goals for this week are to implement redirect handling for OCSP endpoints, fix OCSP implementation on Ruby 2.3 and JRuby, and implement OCSP response cache. 2020-08-25: Setting initial target date of 2020-09-11 (3 weeks) So far Oleg has completed the initial implementation of OCSP endpoint checking and unit tests. In the coming weeks he will work on HTTP redirect support for endpoint checking, Evergreen tests, OCSP stapling implementation in Ruby OpenSSL bindings, stapling verification in the driver, and tests for stapling.
    • Fully Compatible

      Epic Summary

      Summary

      Implement OCSP support in Ruby driver.

      There is currently no support for OCSP stapling in Ruby openssl extension (https://github.com/ruby/openssl/issues/295), therefore we may either implement that support and contribute it upstream or omit OCSP stapling from the Ruby driver.

      Motivation

      Ruby driver desires to be compliant with the published driver specifications.

      Cast of Characters

      • Product Owner: Rachelle Palmer
      • Project Lead: Oleg Pudeyev
      • Program Manager: Alexander Golin

      Documentation

      [Scope Document|]
      [Technical Design Document|]

      Spec: https://github.com/mongodb/specifications/blob/master/source/ocsp-support/ocsp-support.rst
      Tests readme: https://github.com/mongodb/specifications/blob/master/source/ocsp-support/tests/README.rst
      DET OCSP dir: https://github.com/mongodb-labs/drivers-evergreen-tools/tree/master/.evergreen/ocsp
      Server parameters: https://docs.mongodb.com/manual/core/security-transport-encryption/#ocsp-online-certificate-status-protocol

            Assignee:
            oleg.pudeyev@mongodb.com Oleg Pudeyev (Inactive)
            Reporter:
            esha.bhargava@mongodb.com Esha Bhargava
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: