[gnutls-devel] support of stapled OCSP responses under TLS1.3
Nikos Mavrogiannopoulos
nmav at gnutls.org
Mon Oct 16 12:24:30 CEST 2017
On Fri, Oct 13, 2017 at 2:10 PM, Jeremy Harris <jgh at wizmail.org> wrote:
> On 13/10/17 12:50, Nikos Mavrogiannopoulos wrote:
>> Any other
>> suggestions?
>
> Cache the ocsp status in memory, for some time bounded by
> (but in general we perhaps want less than?) the status
> validity.
That looks like a good optimization. It is not though directly related
to TLS1.3 or multiple OCSP responses, thus it may be better to track
it as a separate issue. Would you like to create a new issue at the
issue tracker?
[0]. https://gitlab.com/gnutls/gnutls/issues
More information about the Gnutls-devel
mailing list