Implementation of TLS OCSP Stapling

A. Schulze sca at andreasschulze.de
Thu Mar 3 12:04:39 UTC 2016


dovecot:

> So I would like to know if Dovecot is planning to feature OCSP stapling.
> That way I know for sure my "must staple" certificates can be used by
> Dovecot. And in my opinion, every TLS offering daemon should be up to
> par to the capabilities of TLS.. Not lag behind :)
>
> What's your opinion on this matter?

OCSP stapling [c|s]hould be implemented on a server if clients *use*  
that data.
For WebBrowser this is true.

But I'm not aware of any MUA or MTA that validate certificates via OCSP.

Andreas




More information about the dovecot mailing list