New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update openssl bindings to allow client side OCSP stapling #1863
Comments
Missing things:
|
I am not sure if we need OCSP_RESPONSE_print ... I think that we will need to decode the DER content and construct from in an OCSP response object. I could only find the source code for it ... but come with no docstring :( https://github.com/openssl/openssl/blob/6ef869d7d0a9d2e7ea7908c0b5aab1cb451e00fa/crypto/ocsp/ocsp_prn.c#L186 ... good to see that the source file comes with a 60 lines long header I think that we need a separate ticket for OCSP specific method and dedicate this ticket for OCSP TLS extension |
Also, I am not sure if we want to use OpenSSL implementation for making an OCSP request. We can have an initial implementation in pure python and then extend with low level support from various libraries. |
I already submitted a PR for Here's an updated checklist of methods that need/needed to be bound,
Thanks, |
with the merge of #1945 I think we can close this (as no one seems to want the OCSP bindings right now). We can open a new issue if required. |
I am looking at implementing OCSP stapling for Twisted (https://twistedmatrix.com/trac/ticket/6802) so I am documenting the work items I have identified so far
Docs:
OpenSSL client sample code: https://github.com/openssl/openssl/blob/master/apps/s_client.c#L1530
The text was updated successfully, but these errors were encountered: