Quick Links

Re: Proposal for implementing OCSP Stapling in PostgreSQL

From:	Daniel Gustafsson <daniel(at)yesql(dot)se>
To:	David Zhang <idrawone(at)gmail(dot)com>
Cc:	Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, Pgsql Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject:	Re: Proposal for implementing OCSP Stapling in PostgreSQL
Date:	2024-08-07 07:20:01
Message-ID:	4E4FF50E-3193-4151-8CCF-4C68BC82D8B2@yesql.se
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

While I have only skimmed the patch so far and need more review before I can
comment on it, I do have a question on the expected use of OCSP support in
postgres. With OCSP becoming optional [0], and big providers like Let's
Encrypt deprecating OCSP [1], is this mainly targeting organizations running
their own CA with in-house OCSP?

--
Daniel Gustafsson

[0] https://lists.cabforum.org/pipermail/servercert-wg/2023-September/003998.html
[1] https://letsencrypt.org/2024/07/23/replacing-ocsp-with-crls.html

In response to

Re: Proposal for implementing OCSP Stapling in PostgreSQL at 2024-08-06 23:33:21 from David Zhang

Responses

Re: Proposal for implementing OCSP Stapling in PostgreSQL at 2024-08-07 18:07:51 from David Zhang
Re: Proposal for implementing OCSP Stapling in PostgreSQL at 2024-08-14 22:42:51 from Jacob Champion

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Heikki Linnakangas	2024-08-07 07:24:50	Re: Remove TRACE_SORT macro?
Previous Message	shveta malik	2024-08-07 07:07:41	Re: Found issues related with logical replication and 2PC