Bug ID: JDK-8034248 OCSP stapling for TLS

JDK-8034248 : OCSP stapling for TLS

Type: New Feature
Component: security-libs
Sub-Component: javax.net.ssl

Priority: P3
Status: Resolved
Resolution: Duplicate
Fix Versions: 9

Submitted: 2014-02-12
Updated: 2023-12-12
Resolved: 2016-05-12

Related Reports

Blocks :	JDK-8046292 - Track NIST Special Publication 800-52
Duplicate :	JDK-8046321 - JEP 249: OCSP Stapling for TLS
Relates :	JDK-8046299 - Define policy to enforce server certificate status checking in TLS handshaking

Description

Support OCSP stapling, also known as the TLS Certificate Status Request extension, in the SunJSSE provider.  This feature provides an effective approach to enforce server certificate status checking in the client side as it saves a lot round-trips and resources.

Comments

This RFE will be closed as the feature has been fully addressed in JEP 249 (JDK-8046321).

12-05-2016

Certificate Status Request is a mandatory TLS Extensions of NIST SP 800-52 R1 (See section 3.4.1 Mandatory TLS Extensions, and section 3.5.1 Path Validation).

09-06-2014