[exim-dev] [Bug 2350] OCSP stapling, client side

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
Madmin at <-
M 
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 2350] New: OCSP Problem for outgoing mails
Subject: [exim-dev] [Bug 2350] OCSP stapling, client side
https://bugs.exim.org/show_bug.cgi?id=2350

--- Comment #6 from Torsten Tributh <torsten@???> ---
Hi,
happy new year. After investigating I bit deeper, we can close this issue for
now.
There is no support in the client handshake to staple the OCSP status_response
for TLS< 1.3 and actually no codepoints registered for usage in TLS 1.3.

Maybe only a hint in the manual could be useful, possibly like this:

"Take care not to use a single certificate with OCSP-must-stable feature
enabled if you want to use it for incoming and outgoing connections.
The definitions have lake of support to staple OCSP in client mode."

Torsten

--
You are receiving this mail because:
You are on the CC list for the bug.
This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-[exim-dev] Enable enable_prdr by defaultRe: [exim-dev] Enable enable_prdr by default->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)