Security/Server Side TLS: Difference between revisions

Line 183: Line 183:
The solution is to allow the server to send the OCSP record during the TLS handshake, therefore bypassing the OCSP responder. This mechanism saves a roundtrip between the client and the OCSP responder, and is called OCSP Stapling.
The solution is to allow the server to send the OCSP record during the TLS handshake, therefore bypassing the OCSP responder. This mechanism saves a roundtrip between the client and the OCSP responder, and is called OCSP Stapling.


The location of the OCSP responder is taken from the Authority Information Access field of the signed certificate:
The location of the OCSP responder is taken from the Authority Information Access field of the signed certificate. For example, with StartSSL:
 
<pre>
<pre>
Authority Information Access:  
Authority Information Access:  
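Review bot: The added wording "For example, with StartSSL:" in the revised sentence ties the illustration to a single CA without saying that the value differs per issuer. Suggest a short clause stating that the OCSP URI shown is specific to that CA, and that readers should take it from the Authority Information Access field of their own certificate, for instance with openssl x509 -noout -ocsp_uri.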