CAs with dual stacked CRL/OCSP servers

Ben Sjoberg bensjoberg at gmail.com
Fri Dec 5 14:46:13 UTC 2014


Comodo's the only one I know off the top of my head. AAAA records on
both the OCSP and CRL domains.

On Fri, Dec 5, 2014 at 6:06 AM, Rob Seastrom <rs at seastrom.com> wrote:
>
> At $DAYJOB, we have some applications that we would like to be all
> hipster and *actually check* for certificate revocation.  I know this
> is way out there in terms of trendiness and may offend some folks.
>
> Difficulty: the clients are running on single stacked IPv6.  We have
> recently been advised by our existing CA that they "do not currently
> have IPv6 support plan" (sic).
>
> OCSP Stapling sounds like it could be a winner here.  Unfortunately,
> the software support is not quite ready yet on the platform on either
> end of the connection (client or server).
>
> So...  we're looking around for a vendor that's taken the time to dual
> stack its servers.
>
> Any leads?
>
> -r
>



More information about the NANOG mailing list