[PATCH] SSL: ssl_stapling_valid directive
kyprizel
kyprizel at gmail.com
Mon Jan 13 15:04:11 UTC 2014
So, you going to leave 3600 hardcoded there?
On Mon, Jan 13, 2014 at 6:51 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Hello!
>
> On Mon, Jan 13, 2014 at 06:08:53PM +0400, kyprizel wrote:
>
> > "some cases", for example = you have a lot of users with wrong system
> time,
> > so they can't access the server if OCSP responses updated too frequently.
>
> This looks like a very-very wrong way to address the problem.
> Instead of resolving the problem it will hide it on some requests
> (but not on others), making the problem harder to detect and debug.
>
> --
> Maxim Dounin
> http://nginx.org/
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20140113/381de44b/attachment-0001.html>
More information about the nginx-devel
mailing list