      I suspect the authors are a little confused when they call it OCSP stapling. If it’s verifying application developer certificates, surely there wouldn’t be any TLS connection to staple to?

        To answer my own question, this article explains that there is a stapling-like procedure for including notarisation tickets with apps. It’s different from the TLS extension usually called “OCSP stapling”, which is described in the Wikipedia article they link.