OCSP Stapling Support for WAF
Please can you Support OCSP Stapling.
The obvious advantage to OCSP Stapling is the improvement in
speed and availability of the OCSP certificate status check.
OCSP Stapling helps maintain the privacy of the end user, since a CA can see which web sites a user has visited (only those web sites that have certificates issued by the CA). If OCSP Stapling is used, the CA will see OCSP requests
only from the web site, not the web site’s end users.
Many wi-fi hotspots use Captive Portals to control access to the
Internet, sometimes requiring entry of a credit card number to pay
for access. In such environments, users are not able to check the
status of the SSL certificate used by the Captive Portal, since all
Internet access is blocked until authentication and/or payment
is successful. If the Captive Portal used OCSP Stapling, it could
allow its users to see and verify its SSL certificate status before
those users proceed.