OCSP Stapling is off by default in ATS. What risks, if any, are there to enabling it? Given that my issuer supports OCSP and many browsers support OCSP and OCSP Stapling, it seems like enabling it is the "safest" option. Is there a reason it is not on by default?
--Jered
