Ralph Holz wrote: > > I'm getting an OCSP response "unauthorized" for a certificate that is > > still within the validity period. > > > > Is discussing such events of interest for public discussion, or should > > it rather be reported to the CA in private? > > I say go ahead, this is after all about observations. > > FWIW, I have a list of CAs here that send some weird replies and I can > show their OCSPs have lapses from time to time...
If you share some more information about this, either on this list or privately, I will bring it up next week at the CA/Browser Forum meeting. I am very interested in this particular problem and data & measurements would be extremely helpful. Cheers, Brian
