OCSP proxy for firewallvm #879
Labels
C: core
help wanted
This issue will probably not get done in a timely fashion without help from community contributors.
P: major
Priority: major. Between "default" and "critical" in severity.
T: enhancement
Type: enhancement. A new feature that does not yet exist or improvement of existing functionality.
Reported by joanna on 3 Jul 2014 11:54 UTC
A typical problem: the user wants to allow only https traffic to select AppVM, yet for most https sites to work correctly (at least those with EV certs) the web browser is expected to also connect over oscp to check the cert. Unfortunately OCSP is HTTP not HTTPS...
Currently I manually look into the cert details where URI to OCSP is written, and then manually add this to the firewall rules. Sometimes I can't get the "green bar" working though...
Migrated-From: https://wiki.qubes-os.org/ticket/879
The text was updated successfully, but these errors were encountered: