a client can ask the server to send its OCSP status. This sounds very risky, but reduces the load on OCSP servers, and since the response is signed by the CA, and only valid for a short time, this is not a big security risk.
- Timur Pocheptsov
- Peter Hartmann (closed Nokia identity) (Inactive)
5Vote for this issue
5Start watching this issue