Review Request of JDK Enhancement Proposal: OCSP stapling

Florian Weimer fweimer at redhat.com
Tue May 6 13:36:56 UTC 2014


On 04/02/2014 01:19 AM, Xuelei Fan wrote:
> Here is the updated version:
>    http://cr.openjdk.java.net/~xuelei/8034248/jep-csre-v01.txt
>
> Updated the description section and a few words so that it is easier to
> understand.

I think the server side would benefit from an API which allows code to 
directly supply the OCSP response to be stapled, perhaps as part of the 
extended trust manager.

-- 
Florian Weimer / Red Hat Product Security Team



More information about the security-dev mailing list