64970 – drop unmaintained ocsp support from mod_ssl

Bug 64970 - drop unmaintained ocsp support from mod_ssl

Summary: drop unmaintained ocsp support from mod_ssl

Status:	NEW

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_ssl (show other bugs)
Version:	2.4.25
Hardware:	PC All

Importance:	P2 normal (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2020-12-09 07:59 UTC by Björn Jacke
Modified:	2020-12-09 07:59 UTC (History)
CC List:	1 user (show)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Björn Jacke 2020-12-09 07:59:19 UTC

many people, including me have been reporting ocsp isues with Apache in the last couple of years since ocsp support was added to mod_ssl. There is zero response on reported bugs, not even for the easiest fixable bug, not even for bugs on better documentation. Apache's mod_ssl has really the worst ocsp stapling implemenation ever and most peoply who just want to enable it will make their setup fragile. Fragile setups due to bad and unmaintained ocsp support in Apache is finally putting a bad reputation on ocsp technoloygy in general. It also puts bad reputation on Apache in general by the way. Please be so kind and drop all of the ocsp support from Apache's mod_ssl, because no ocsp support is better than  a bad and unmaintained ocsp support.