[SSL Observatory] Malfunctioning OCSP responders
Brian Smith
bsmith at mozilla.com
Thu Feb 13 10:31:11 PST 2014
Ralph Holz wrote:
> > I'm getting an OCSP response "unauthorized" for a certificate that is
> > still within the validity period.
> >
> > Is discussing such events of interest for public discussion, or should
> > it rather be reported to the CA in private?
>
> I say go ahead, this is after all about observations.
>
> FWIW, I have a list of CAs here that send some weird replies and I can
> show their OCSPs have lapses from time to time...
If you share some more information about this, either on this list or privately, I will bring it up next week at the CA/Browser Forum meeting. I am very interested in this particular problem and data & measurements would be extremely helpful.
Cheers,
Brian
More information about the Observatory
mailing list