Confirmed users, Administrators
5,526
edits
CA:ImprovingRevocation: Difference between revisions
→Change Name
| Line 25: | Line 25: | ||
The following changes have been discussed in a Mozilla discussion forum, and are in the implementation phase. | The following changes have been discussed in a Mozilla discussion forum, and are in the implementation phase. | ||
=== ''OCSP Stapling'' === | |||
OCSP stapling has the site itself periodically ask the CA for a signed assertion of status and sends that statement in the TLS handshake at the beginning of new HTTPS connections. The browser takes that signed, stapled response, verifies it, and uses it to determine if the site’s certificate is still trustworthy. | |||
https://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/ | |||
* Discussion: several forums discussed this | |||
* Code Change: {{Bug|360420}}, {{Bug|700693}} | |||
* Dependencies: If you run a website, consider turning on OCSP stapling to protect your users. | |||
* Policy Change: None | |||
* Process Change: None | |||
=== ''Change Name'' === | === ''Change Name'' === | ||