Hi,
For CAs that do not include a signed certificate timestamp in their newly-issued certificates, does Dovecot support either OCSP stapling or the Certificate Transparency TLS extension?
If the TLS extension is supported, how does the admin configure the timestamp for each certificate?
I’m wondering if any MUAs will follow Google’s lead and insist on CT.
Thank you!
-Felipe Gasper
Mississauga, Ontario
We are planning to add ocsp stapling support. At least Thunderbird supports must-staple attribute.