[gnutls-devel] gnutls-cli OCSP test code for branch 'ocsp2'

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Feb 4 11:22:29 CET 2015

On Wed, 2015-02-04 at 11:05 +0100, Tim Ruehsen wrote:

> > I don't think that this is related. However, at the current state the
> > packets generated seem to be in accordance with wireshark, so as far as
> > I understand, it remains to properly support it on the server side by
> > enhancing the ocsptool to generate a combined status request, as well as
> > accounting the multiple OCSP responses received on peer's certificate
> > verification.
> The fix just handles the case where status_request and status_request_v2 both 
> are sent (client hello), but the answer (server hello) just includes 
> status_request.
> I guess, that will be pretty common the next few months/years.

Ok, thanks. I've handled it a bit differently.

More information about the Gnutls-devel mailing list