[DRIVERS-704] OCSP Support Created: 16/Aug/19  Updated: 21/Aug/23

Status: Implementing
Project: Drivers
Component/s: None
Fix Version/s: None

Type: Epic Priority: Major - P3
Reporter: Esha Bhargava Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Depends
depends on RUBY-2396 OCSP Stapling + JRuby Support Blocked
depends on RUBY-2093 Non-stapled OCSP Support Closed
depends on RUST-361 OCSP Support Backlog
depends on JAVA-3598 OCSP Support Closed
depends on PHPC-1533 OCSP Support Closed
depends on CDRIVER-3408 OCSP Support Closed
depends on CSHARP-2817 POC : OCSP Support Closed
depends on GODRIVER-1467 OCSP Support Closed
depends on MOTOR-490 OCSP Support Closed
depends on NODE-2427 OCSP Support Closed
depends on PYTHON-2093 OCSP Support Closed
depends on CXX-1910 OCSP Support Closed
Related
Server Compat: 4.4
Quarter: FY20Q3
Upstream Changes Summary:

Drivers:

  • Drivers will have to implement OCSP stapling validation and OCSP client validation based on the ability of each Driver.
  • Drivers that can conform to the policy outlined in the Server OCSP scope document, should. Drivers whose underlying TLS implementation does not expose the configuration primitives required to perform these operations are permitted to deviate from these guidelines.

Cloud:

  • Cloud will have to configure policy for their users by enabling / disabling the MustStaple extension on their certificates.The policy is outlined in the Server OCSP scope document.
Start date:
Cost Threshold %: 100
Driver Compliance:
Key Status/Resolution FixVersion
RUBY-2093 Fixed 2.14.0.rc1
GODRIVER-1467 Fixed 1.4.0
JAVA-3598 Fixed 4.1.0
MOTOR-490 Works as Designed
PHPC-1533 Fixed 1.8.0-beta2, 1.8.0
NODE-2427 Fixed 3.6.0
CXX-1910 Fixed 3.6.0-rc0, 3.6.0
PYTHON-2093 Fixed 3.11
CDRIVER-3408 Fixed 1.17.0-beta2, 1.17.0
CSHARP-2817 Fixed 2.11.0
SWIFT-787 Fixed 1.2.0
RUST-361 Backlog
RUBY-2396 Blocked
NODE-3771 Duplicate
NODE-3772 Backlog

 Description   
Epic Summary

Summary

Implement support for Online Certificate Status Protocol. Implement OCSP response stapling. Implement support for the Must Staple extension.

Cast of Characters

Lead : Jeremy
Author : Vincent
POCs : C# - Vincent, C- Clyde, Python - Bernie

Documentation

Scope Document
Spec


Generated at Thu Feb 08 08:22:09 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.