httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Stradling <>
Subject Re: mod_ssl ssl_util_stapling.c warnings
Date Wed, 22 Dec 2010 15:32:35 GMT
On Friday 03 December 2010 10:31:24 Rob Stradling wrote:
> Would it be possible to make OCSP Stapling enabled by default (when the
> server certificate contains an OCSP Responder URL in the AIA extension)
> instead of disabled by default?
> (Perhaps "SSLUseStapling" could be replaced by "SSLDisableStapling")

Steve et al,

Could you possibly spare a moment to answer this question?


> I just wonder how many webmasters would bother to add "SSLUseStapling on"
> to their config files, even though OCSP Stapling benefits all parties.
> I understand that Microsoft IIS 7.x enables OCSP Stapling by default.

Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online

View raw message