[strongSwan] OCSP nonce parameter
Tobias Brunner
tobias at strongswan.org
Mon Nov 25 13:35:59 CET 2019
Hi Anthony,
> Our security department is insisting that strongswan validate the nonce parameter when received.
>
> Is there a way strongswan can accommodate this request.
I pushed some changes to that effect to the ocsp-nonce branch [1].
> If not we need a way to disable OCSP.
You can do so via charon.plugins.revocation.enable_ocsp.
Regards,
Tobias
[1]
https://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/ocsp-nonce
More information about the Users
mailing list