Luckily ocsp stapling is an SSL extension and clients not supporting it won't be asking for it either. ---Aki TuomiDovecot oy -------- Alkuperäinen viesti --------Lähettäjä: Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> Päivämäärä: 6.3.2016 10.36 (GMT+02:00) Saaja: dovecot@dovecot.org Aihe: Re: Implementation of TLS OCSP Stapling
On 3/03/2016 11:58 PM, aki.tuomi@dovecot.fi wrote:
We will take this feature under consideration and see if it can be implemented in future release. Thank you for your suggestion!
As much as I hate Outlook (Look Out!), there are loads of people using really old versions; 2003 is no longer supported, but loads of people use 2007. Thunderbird can be expected to be far more up to date.
Implementing features to work with older clients will always be a problem.
Just a simple example, almost unrelated here, but this is either wrong by TB or wrong by Outlook (versions 2007, 2010 and 2013 that I know of).
When the IMAP server sends a message, OL will pop up a window that requires the user to acknowledge the message via a popup. TB just pops up the message in the normal 'new mail' notify if that is configured and it might be lost if notify isn't set to show.
Either way, the implementation is different b/w the two client products. Is OL right or is TB right... IMAP doco says that the message should be made to be acknowledged by the client; OL's version can't easily be ignored or missed, but TB's can easily be missed. But TB's implementation is more user friendly if the server wants to keep sending messages from time to time. I considered using this for MOTD type stuff and maybe random inspirational or motivational messages; even to remind or inform users to do certain things [one example in the dovecot wiki is to advise that the vacation message is still active]. A TB notification is next to harmless, but an OL one needs to be acknowledged every time, which would be very painful.
Anyway, the point is that if a feature is added for OCSP stabling support, you couldn't really expect older versions of Look Out to comply with it (even though M$ could patch it easily, they care less about older versions than getting people to subscribe to Office 365 these days).
Cheers A.