[SERVER-49277] Staple unknown OCSP responses Created: 02/Jul/20  Updated: 06/Dec/22

Status: Backlog
Project: Core Server
Component/s: Security
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Shreyas Kalyan Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Assigned Teams:
Server Security
Participants:

 Description   

Currently, when the server receives a STATUS_UNKNOWN response about a certificate from an OCSP responder, it does not staple the response. If the server stapled this response, it would be able to cut down on the latency for drivers. This will require changes to the logic in the strong weak finish line of dispatchRequests. This change would only occur on OpenSSL.


Generated at Thu Feb 08 05:19:25 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.