[gnutls-devel] GnuTLS | It is not possible for server to check whether client requested OCSP stapling (#829)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue Dec 17 07:52:57 CET 2019




Airtower commented:


Spontaneous thought while reading these comments: It should be possible to record the actually sent OCSP response(s) when using `gnutls_certificate_set_retrieve_function3`. The callback has full control over which certificate(s) and response(s) to send, and could e.g. log them at will. This would force the application to implement its own selection logic, though.

Maybe it'd be possible to make the default certificate and response retrieval method available as API, so applications could easily call it as part of their `gnutls_certificate_set_retrieve_function3` callbacks?

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/829#note_261456959

