On Mon, Feb 20, 2017 at 5:32 PM, Yann Ylavic <[email protected]> wrote: > > First you want it to be Off by default (i.e. verify the OCSP's > responder certificate when not configured), right? > Couldn't that break existing configurations since we currently (until > 2.4.25) do not verify it?
Oh, we do verify unconditionally currently, that's an opt-out, so please ignore this part :)
