Hi,
> So for the new BCP, we have three options:
>
> 1. Add a SHOULD-level requirement (for TLS 1.3 implementations, possibly also
>    TLS 1.2 implementations) to fail the handshake if the OCSP response is
>    missing or invalid. (As far as we can tell, RFC 8446 is silent on this.)
> 2. Remove the whole discussion of OCSP, saying that in its current form it’s not
>    adding value.
> 3. Maintain the status quo, where many people implement OCSP on the server side,
>    but clients rarely benefit.
>
I don't think that OCSP is not adding value in its current form. I
have seen a lot of OCSP implementations with hard fail, especially on
the server side for authenticating clients using private PKI
certificates. That said, OCSP does not add much value on the client
side, as it's a bit fragile for public PKI and client-side checks
because of the matrix of multiple OCSP status producers and consumers
at scale.

-Mohit

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
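The hard-fail behaviour discussed above (option 1 in the quoted list, and the server-side practice Mohit describes), shown as an added example that is not part of the original thread or of any implementation mentioned in it. It is written in Go against the standard library only and assumes a loopback TLS 1.3 handshake with a throwaway self-signed certificate; the hostname `ocsp-demo.test`, the function names and the placeholder OCSP body are all constructed for the demo. The check inspects only the outer `OCSPResponse` envelope (`responseStatus` and the presence of `responseBytes`); it does not validate the signed `BasicOCSPResponse` inside, which a real client must also do.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"net"
	"time"
)

// Outer envelope of OCSPResponse (RFC 6960, 4.2.1): SEQUENCE { responseStatus ENUMERATED, responseBytes [0] EXPLICIT OPTIONAL }
type ocspResponseOuter struct {
	Status        asn1.Enumerated
	ResponseBytes asn1.RawValue `asn1:"explicit,tag:0,optional"`
}

// checkStaple is the hard-fail policy: a missing, malformed or unsuccessful staple rejects the handshake.
// Only the envelope is inspected; a production client must also verify the responder signature, certID,
// thisUpdate/nextUpdate and certStatus of the inner BasicOCSPResponse (e.g. with golang.org/x/crypto/ocsp).
func checkStaple(staple []byte) error {
	if len(staple) == 0 {
		return errors.New("ocsp: server sent no stapled response (hard-fail policy)")
	}
	var resp ocspResponseOuter
	if rest, err := asn1.Unmarshal(staple, &resp); err != nil || len(rest) != 0 {
		return errors.New("ocsp: staple is not a well-formed OCSPResponse")
	}
	if resp.Status != 0 || len(resp.ResponseBytes.Bytes) == 0 { // 0 = successful; 3 = tryLater, 6 = unauthorized, ...
		return fmt.Errorf("ocsp: responder status %d with %d bytes of responseBytes", resp.Status, len(resp.ResponseBytes.Bytes))
	}
	return nil
}

// must keeps the demo short: setup failures are bugs here, not policy outcomes.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// buildStaple constructs a test envelope; the body is a constructed placeholder, not a signed BasicOCSPResponse.
func buildStaple(status int, withBody bool) []byte {
	resp := ocspResponseOuter{Status: asn1.Enumerated(status)}
	if withBody {
		inner := must(asn1.Marshal(struct {
			ResponseType asn1.ObjectIdentifier
			Response     []byte
		}{asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 48, 1, 1}, []byte("constructed placeholder")})) // id-pkix-ocsp-basic
		// A RawValue is emitted verbatim by asn1.Marshal, so the [0] EXPLICIT wrapper is spelled out here.
		resp.ResponseBytes = asn1.RawValue{Class: asn1.ClassContextSpecific, Tag: 0, IsCompound: true, Bytes: inner}
	}
	return must(asn1.Marshal(resp))
}

// handshakeWithStaple runs one TLS 1.3 handshake over loopback with a throwaway self-signed certificate:
// the server staples `staple`, the client enforces checkStaple via VerifyConnection. Returns the client's verdict.
func handshakeWithStaple(staple []byte) error {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "ocsp-demo.test"}, DNSNames: []string{"ocsp-demo.test"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), BasicConstraintsValid: true, IsCA: true,
		KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))
	pool := x509.NewCertPool()
	pool.AddCert(must(x509.ParseCertificate(der)))
	cert := tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key, OCSPStaple: staple}
	ln := must(net.Listen("tcp", "127.0.0.1:0"))
	serverDone := make(chan error, 1)
	go func() {
		raw, err := ln.Accept()
		if err == nil {
			err = tls.Server(raw, &tls.Config{Certificates: []tls.Certificate{cert}}).Handshake()
			raw.Close()
		}
		serverDone <- err // on hard-fail this carries the client's alert, which is expected
	}()
	cli, err := tls.Dial("tcp", ln.Addr().String(), &tls.Config{
		RootCAs: pool, ServerName: "ocsp-demo.test", MinVersion: tls.VersionTLS13,
		VerifyConnection: func(cs tls.ConnectionState) error { return checkStaple(cs.OCSPResponse) },
	})
	if err == nil {
		cli.Close()
	}
	ln.Close() // plain cleanup once Accept has returned; if the TCP connect itself failed, this unblocks Accept
	<-serverDone
	return err
}

func main() {
	fmt.Println("valid envelope:", handshakeWithStaple(buildStaple(0, true)))
	fmt.Println("tryLater:      ", handshakeWithStaple(buildStaple(3, false)))
	fmt.Println("no staple:     ", handshakeWithStaple(nil))
}
```

Run it with `go run` and the first handshake succeeds while the other two are rejected by the client with the policy error. Go's client always advertises `status_request`, so whatever the server puts in `Certificate.OCSPStaple` reaches `ConnectionState.OCSPResponse`, which is where a hard-fail client has to look; the fragility Mohit mentions shows up as the `tryLater` case, where a responder outage on the server's side turns into a failed handshake for every client enforcing this policy.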
