Re: TLS 1.3: support for status_request extension in CertificateRequest messages

2019-12-16 Thread Jamil Nimeh
So maybe I'll make a short-term fix to at least make the client not barf on the status_request in the CR message from the server. That much should be done for correctness.  Making the client actually support OCSP stapling in its Cert message is a much bigger change and can come later. I'll cre

Re: TLS 1.3: support for status_request extension in CertificateRequest messages

2019-12-16 Thread Martin Balao
Hi Jamil,

Thanks for your answer.

On 12/16/19 2:29 PM, Jamil Nimeh wrote:
> If you want to take a swing at it, go for it.  I'd be happy to be a
> reviewer for it.

I'm still unsure of how we are going to prioritize this but I'd let you know if we go for it.

Regards,
Martin.-

Re: TLS 1.3: support for status_request extension in CertificateRequest messages

2019-12-16 Thread Jamil Nimeh
It wasn't implemented primarily for time considerations during the initial TLS 1.3 implementation.  I had planned to go back at some point and add support for it.  It's the wrong thing to have an alert thrown by the client if the extension is present, since it's legal to have in TLS 1.3.  Our c