You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by kb...@apache.org on 2013/08/01 08:58:08 UTC
svn commit: r1509098 - in /httpd/httpd:
branches/2.4.x/docs/manual/mod/mod_ssl.html.en
branches/2.4.x/docs/manual/mod/mod_ssl.xml
trunk/docs/manual/mod/mod_ssl.html.en trunk/docs/manual/mod/mod_ssl.xml
Author: kbrand
Date: Thu Aug 1 06:58:08 2013
New Revision: 1509098
URL: http://svn.apache.org/r1509098
Log:
RFC 6961 (TLS Multiple Certificate Status Extension)
has been published in June 2013; replace obsolete I-D reference.
Modified:
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.html.en
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml
httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en
httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.html.en?rev=1509098&r1=1509097&r2=1509098&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.html.en (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.html.en Thu Aug 1 06:58:08 2013
@@ -2424,13 +2424,14 @@ for its own certificate in the TLS hands
prerequisite for enabling OCSP stapling.</p>
<p>OCSP stapling relieves the client of querying the OCSP responder
-on its own, but it should be noted that in its current specification,
+on its own, but it should be noted that with the RFC 6066 specification,
the server's <code>CertificateStatus</code> reply may only include an
OCSP response for a single cert. For server certificates with intermediate
CA certificates in their chain (the typical case nowadays),
-stapling in its current form therefore only partially achieves the
-stated goal of "saving roundtrips and resources" - see also the <a href="https://datatracker.ietf.org/doc/draft-pettersen-tls-ext-multiple-ocsp/">
-"Adding Multiple TLS Certificate Status Extension requests"</a> Internet draft.
+stapling in its current implementation therefore only partially achieves the
+stated goal of "saving roundtrips and resources" - see also
+<a href="http://www.ietf.org/rfc/rfc6961.txt">RFC 6961</a>
+(TLS Multiple Certificate Status Extension).
</p>
</div>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml?rev=1509098&r1=1509097&r2=1509098&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml Thu Aug 1 06:58:08 2013
@@ -2281,14 +2281,14 @@ for its own certificate in the TLS hands
prerequisite for enabling OCSP stapling.</p>
<p>OCSP stapling relieves the client of querying the OCSP responder
-on its own, but it should be noted that in its current specification,
+on its own, but it should be noted that with the RFC 6066 specification,
the server's <code>CertificateStatus</code> reply may only include an
OCSP response for a single cert. For server certificates with intermediate
CA certificates in their chain (the typical case nowadays),
-stapling in its current form therefore only partially achieves the
-stated goal of "saving roundtrips and resources" - see also the <a
-href="https://datatracker.ietf.org/doc/draft-pettersen-tls-ext-multiple-ocsp/">
-"Adding Multiple TLS Certificate Status Extension requests"</a> Internet draft.
+stapling in its current implementation therefore only partially achieves the
+stated goal of "saving roundtrips and resources" - see also
+<a href="http://www.ietf.org/rfc/rfc6961.txt">RFC 6961</a>
+(TLS Multiple Certificate Status Extension).
</p>
</usage>
</directivesynopsis>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en?rev=1509098&r1=1509097&r2=1509098&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en Thu Aug 1 06:58:08 2013
@@ -2420,13 +2420,13 @@ for its own certificate in the TLS hands
prerequisite for enabling OCSP stapling.</p>
<p>OCSP stapling relieves the client of querying the OCSP responder
-on its own, but it should be noted that in its current specification,
+on its own, but it should be noted that with the RFC 6066 specification,
the server's <code>CertificateStatus</code> reply may only include an
OCSP response for a single cert. For server certificates with intermediate
CA certificates in their chain (the typical case nowadays),
-stapling in its current form therefore only partially achieves the
-stated goal of "saving roundtrips and resources" - see also the <a href="https://datatracker.ietf.org/doc/draft-pettersen-tls-ext-multiple-ocsp/">
-"Adding Multiple TLS Certificate Status Extension requests"</a> Internet draft.
+stapling in its current implementation therefore only partially achieves the
+stated goal of "saving roundtrips and resources" - see also
+<a href="http://www.ietf.org/rfc/rfc6961.txt">RFC 6961</a>.
</p>
</div>
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=1509098&r1=1509097&r2=1509098&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Thu Aug 1 06:58:08 2013
@@ -2278,14 +2278,14 @@ for its own certificate in the TLS hands
prerequisite for enabling OCSP stapling.</p>
<p>OCSP stapling relieves the client of querying the OCSP responder
-on its own, but it should be noted that in its current specification,
+on its own, but it should be noted that with the RFC 6066 specification,
the server's <code>CertificateStatus</code> reply may only include an
OCSP response for a single cert. For server certificates with intermediate
CA certificates in their chain (the typical case nowadays),
-stapling in its current form therefore only partially achieves the
-stated goal of "saving roundtrips and resources" - see also the <a
-href="https://datatracker.ietf.org/doc/draft-pettersen-tls-ext-multiple-ocsp/">
-"Adding Multiple TLS Certificate Status Extension requests"</a> Internet draft.
+stapling in its current implementation therefore only partially achieves the
+stated goal of "saving roundtrips and resources" - see also
+<a href="http://www.ietf.org/rfc/rfc6961.txt">RFC 6961</a>
+(TLS Multiple Certificate Status Extension).
</p>
</usage>
</directivesynopsis>