On 17.06.2016 16:27, Александр Кириллов wrote: > Walter H. писал 2016-06-16 22:54: >> On 16.06.2016 21:42, Александр Кириллов wrote: >>> >>> I don't think OCSP is critical for free certificates suitable for >>> small businesses and personal sites. >>> >> this is philosophy; >> >> I'd say when you do it then do it good, else don't do it; > > Then OCSP stapling is the way to go but it could be a real PITA to > setup for the first time and may not be supported by older browsers > anyway. > not really, because the same server tells the client that the SSL certificate is good, as the SSL certificate itself; these must be independent; Walter