Firefox just made themselves the best browser for HTTPS revocation, with OCSP Must-staple and short-lived certs: https://blog.mozilla.org/security/2015/11/23/improving-revocation-ocsp-must-staple-and-short-lived-certificates/ …
@FiloSottile @sleevi_ @hanno @rlbarnes @konklone Yes. You give the server the path to OCSP response file & send a HUP when you update it.
-
-
@BRIAN_____@FiloSottile@sleevi_@hanno@rlbarnes@konklone I wouldn’t use that approach with, say, Apache. Restarts can get complicated. -
@ivanristic@FiloSottile@sleevi_@hanno@rlbarnes@konklone There are better ways, for sure. This is a very easy way. Good for prototyping.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.