Details
-
Bug
-
Resolution: Won't Fix
-
Major - P3
-
None
-
None
-
None
-
Security 2020-07-27, Security 2020-11-16
Description
If the server observes a response with multiple single_responses, 2 good and 1 unknown, it treats the response overall as unknown, not good. This could cause a server to not staple an OCSP response even when the server's certificate is covered by the response. This logic needs to be revisited to ensure that a response is not discarded for this reason.