Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-49277

Staple unknown OCSP responses

XMLWordPrintableJSON

    • Type: Icon: Improvement Improvement
    • Resolution: Unresolved
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Server Security

      Currently, when the server receives a STATUS_UNKNOWN response about a certificate from an OCSP responder, it does not staple the response. If the server stapled this response, it would be able to cut down on the latency for drivers. This will require changes to the logic in the strong weak finish line of dispatchRequests. This change would only occur on OpenSSL.

            Assignee:
            backlog-server-security [DO NOT USE] Backlog - Security Team
            Reporter:
            shreyas.kalyan@mongodb.com Shreyas Kalyan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: