webpki icon indicating copy to clipboard operation
webpki copied to clipboard
verified publisher icon rustls

Support verification of stapled OCSP responses

Open ctz opened this issue 2 years ago • 0 comments

It would be good if rustls clients, by default, verified stapled OCSP responses. For that to be feasible, webpki should be able to (at minimum) verify an OCSP response for the end-entity cert.

Non-requirements:

  • being an OCSP responder
  • talking to an OCSP responder
  • processing OCSP responses for intermediate certs (probably?)

ctz avatar Dec 11 '23 16:12 ctz