CAs with dual stacked CRL/OCSP servers

Rob Seastrom rs at
Fri Dec 5 12:06:33 UTC 2014

At $DAYJOB, we have some applications that we would like to be all
hipster and *actually check* for certificate revocation.  I know this
is way out there in terms of trendiness and may offend some folks.

Difficulty: the clients are running on single stacked IPv6.  We have
recently been advised by our existing CA that they "do not currently
have IPv6 support plan" (sic).

OCSP Stapling sounds like it could be a winner here.  Unfortunately,
the software support is not quite ready yet on the platform on either
end of the connection (client or server).

So...  we're looking around for a vendor that's taken the time to dual
stack its servers.

Any leads?


More information about the NANOG mailing list