Safari 8 does not support OCSP stapling
| Originator: | pepi.zawodsky | ||
| Number: | rdar://17589097 | Date Originated: | 08-Jul-2014 03:05 PM |
| Status: | Open | Resolved: | |
| Product: | Safari | Product Version: | 8.0 (10538.35.8) |
| Classification: | Security | Reproducible: | Always |
Summary: Safari 8 does not support OCSP stapling Steps to Reproduce: Visit one of these sites to show the browser's capabilities: https://www.ssllabs.com/ssltest/viewMyClient.html http://howsmyssl.com/ Expected Results: Any modern browser should support OCSP stapling to improve performance of TLS handshakes as well as gain better MITM detection with spoofed certificates. Actual Results: Safari 8 still does not support OCSP stapling. Regression: This likely applies to the underlying SecureTransport.framework's capabilities.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!