I’m confused about for this assertion, for two reasons:
- My understanding is that OCSP stapling stops leaks, because the browser can get OCSP data from the server instead of needing to fetch it separately.
- Last I heard, Firefox was in the process of removing OCSP responder checks (precisely for privacy reasons) in favor of CRLite-based revocation checks—are you sure they didn’t remove whatever setting you’re referring to from the UI because it’s no longer relevant?
- My understanding is that OCSP stapling stops leaks, because the browser can get OCSP data from the server instead of needing to fetch it separately.
- Last I heard, Firefox was in the process of removing OCSP responder checks (precisely for privacy reasons) in favor of CRLite-based revocation checks—are you sure they didn’t remove whatever setting you’re referring to from the UI because it’s no longer relevant?