Wayne Thayer via dev-security-policy <dev-security-policy@lists.mozilla.org> writes:
>It was recently reported [1] that IdenTrust experienced a multi-day OCSP >outage about two weeks ago. Just to understand the scope of this, what was the impact on end users? If it went on for multiple days then presumably no-one noticed it, the second reference: https://community.letsencrypt.org/t/identrust-ocsp-producing-errors/120677 states: Usually few clients do OCSP checks of the intermediate cert, thus this probably doesn’t show up very often. >From the report it looks like a very specific config was required to even notice it. If an OCSP responder crashes on the Internet and no-one checks it, does it make a difference? (Interesting to see that the Wikipedia page for this philosophical question helpfully shows a photo of "A fallen tree in a forest" to illustrate the concept). Peter. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy