You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2014/07/02 22:23:17 UTC
[Bug 50740] Enable OCSP Stapling by default
https://issues.apache.org/bugzilla/show_bug.cgi?id=50740
Ben Wilson <be...@digicert.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ben@digicert.com
--- Comment #19 from Ben Wilson <be...@digicert.com> ---
The Importance of this bug/enhancement needs to be elevated. It has been over
three years since this was submitted. Current statistics from NetCraft show
that 98% of Apache boxes do not use stapling, whereas 98% of Microsoft boxes
use stapling. The differentiator is whether stapling is on or off by
default--IIS uses OCSP stapling by default. From a policy perspective, OCSP
Stapling is superior for privacy-enhancing and performance reasons because
clients do not have to seek a response from a third party - it comes directly
from the server, which is why it is also a more efficient mechanism. Also, all
major browser platforms support stapling, it is provided in mod-ssl, and
because of these reasons, the number of demands for OCSP stapling
"out-of-the-box" are likely to grow substantially over the next several months.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org