> On Apr 22, 2017, at 1:11 PM, Daniel Margolis <[email protected]> wrote:
>
> Thanks for the pointer.
>
> Yes, I of course have no objections to checking CRL or OCSP. Given the mixed
> state of deployments among browsers, it merely seems worrisome to me to
> require
> that. MAY seems like a good clarification to have here.
MAY is fine. Postfix has no support for CRLs or OCSP. CRLs will never be
supported,
I might support OCSP stapling some day, but not very soon.
Exim appears to have OCSP support, but last time I looked at the code, it
seemed to
be going through the motions, but not actually validating the OCSP response
correctly.
So indeed MUST is rather far from current or likely near-term practice.
--
Viktor.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
