This ticket depends on PYTHON-2040, which adds PyOpenSSL as an alternative TLS provider. Python's standard library ssl module provides no support for stapled OCSP responses, only parsing extensions for OCSP URIs. We're going to support OCSP, stapling and must-staple. OCSP support will be optional, enabled through the use of an "ocsp" extra. Feature support will also add dependencies on requests (to make OCSP requests) and cryptography (to create OCSP requests and verify OCSP responses, stapled or otherwise). Cryptography is already a dependency of PyOpenSSL, and our own pymongocrypt package.

            Assignee:
            bernie@mongodb.com Bernie Hackett
            Reporter:
            esha.bhargava@mongodb.com Esha Bhargava
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: