[New-bugs-announce] [issue44783] SSL needs client OCSP stapling
Philip Prindeville
report at bugs.python.org
Fri Jul 30 13:53:19 EDT 2021
New submission from Philip Prindeville <philipp at redfish-solutions.com>:
When TLS client certificates are used for authentication, servers need to ensure that the certificate is current and hasn't been revoked. In zero-trust and other architectures with heavy use of micro-services, server-side validation of the client certs repeatedly can be a significant burden.
Forcing the client to present a signed, stapled OCSP response to the handshake eliminates this repetitive extra step.
----------
assignee: christian.heimes
components: SSL
messages: 398592
nosy: christian.heimes, pprindeville
priority: normal
severity: normal
status: open
title: SSL needs client OCSP stapling
type: enhancement
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue44783>
_______________________________________
More information about the New-bugs-announce
mailing list