Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-49277

Staple unknown OCSP responses

    XMLWordPrintableJSON

Details

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Major - P3 Major - P3
    • None
    • None
    • Security
    • None
    • Server Security

    Description

      Currently, when the server receives a STATUS_UNKNOWN response about a certificate from an OCSP responder, it does not staple the response. If the server stapled this response, it would be able to cut down on the latency for drivers. This will require changes to the logic in the strong weak finish line of dispatchRequests. This change would only occur on OpenSSL.

      Attachments

        Activity

          People

            backlog-server-security Backlog - Security Team
            shreyas.kalyan@mongodb.com Shreyas Kalyan
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: