I just found out about MoFO funding OCSP stapling support for mod_ssl : http://issues.apache.org/bugzilla/show_bug.cgi?id=43822
In other words, Apache/mod_ssl web servers will be able to include an OCSP token inside TLS HELLO responses. That will permit the client to validate the server certificate without having to make an OCSP request by himself. I'm using future tense here because it requires OpenSSL 0.9.9, which is still under development and not available as a stable release. I assume this means the client support has been included in NSS. Since which version ? Will this be only for Fx 3, or is it already included in some version of Fx 2 ? _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
