[CDRIVER-3747] Default OCSP to "off" for drivers that hard-fail when an OCSP responder is unavailable Created: 13/Jul/20  Updated: 27/Oct/23  Resolved: 13/Jul/20

Status: Closed
Project: C Driver
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Backlog - Core Eng Program Management Team Assignee: Kevin Albertson
Resolution: Works as Designed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
is depended on by CXX-2072 Default OCSP to "off" for drivers tha... Closed
is depended on by PHPC-1658 Default OCSP to "off" for drivers tha... Closed
Related
is related to CDRIVER-3580 Secure Channel must soft-fail when ce... Closed

 Description   

See DRIVERS-1311 for updated details.



 Comments   
Comment by Kevin Albertson [ 13/Jul/20 ]

The only TLS implementation that had hard fail default behavior was schannel on Windows. That was changed in CDRIVER-3580 to make the default behavior of schannel soft fail when an OCSP responder is offline, responds with an Unknown status, or when the server certificate.

Generated at Wed Feb 07 21:18:55 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.