OCSP timeout threshold is 2 seconds #976

JeyJeyGao · 2024-06-25T05:39:13Z

What is not working as expected?

The OCSP timeout threshold is hardcoded to 2 seconds, which is not flexible enough. One of our notation customers encounters timeout issues frequently, so we need to provide a way to customize the OCSP timeout threshold.

What did you expect to happen?

provide a way to customize the OCSP timeout threshold

How can we reproduce it?

Do signature verification with a OCSP server that has high latency

Describe your environment

Linux amd64

What is the version of your Notation CLI or Notation Library?

Notation v1.2.0-alpha.1

Two-Hearts · 2024-07-18T02:48:12Z

I'd say this is more an enhancement than a bug? Because the '2 second' default threshold is from Notary Project's spec: https://github.com/notaryproject/specifications/blob/main/specs/trust-store-trust-policy.md#ocsp-download

JeyJeyGao · 2024-07-22T02:15:42Z

Updated.

JeyJeyGao added bug Something isn't working triage Need to triage labels Jun 25, 2024

yizha1 removed the triage Need to triage label Jun 28, 2024

yizha1 added this to the 1.3.0 milestone Jun 28, 2024

JeyJeyGao added enhancement New feature or request and removed bug Something isn't working labels Jul 22, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OCSP timeout threshold is 2 seconds #976

OCSP timeout threshold is 2 seconds #976

JeyJeyGao commented Jun 25, 2024 •

edited

Loading

Two-Hearts commented Jul 18, 2024

JeyJeyGao commented Jul 22, 2024

OCSP timeout threshold is 2 seconds #976

OCSP timeout threshold is 2 seconds #976

Comments

JeyJeyGao commented Jun 25, 2024 • edited Loading

What is not working as expected?

What did you expect to happen?

How can we reproduce it?

Describe your environment

What is the version of your Notation CLI or Notation Library?

Two-Hearts commented Jul 18, 2024

JeyJeyGao commented Jul 22, 2024

JeyJeyGao commented Jun 25, 2024 •

edited

Loading