-
Type: Bug
-
Resolution: Won't Fix
-
Priority: Major - P3
-
None
-
Affects Version/s: None
-
Component/s: Security
-
Labels:None
-
Security 2020-07-27, Security 2020-11-16
If the server observes a response with multiple single_responses, 2 good and 1 unknown, it treats the response overall as unknown, not good. This could cause a server to not staple an OCSP response even when the server's certificate is covered by the response. This logic needs to be revisited to ensure that a response is not discarded for this reason.