notation icon indicating copy to clipboard operation
notation copied to clipboard

Published 20 hours ago verified publisher icon notaryproject

OCSP timeout threshold is 2 seconds

Open JeyJeyGao opened this issue 1 year ago • 2 comments

What is not working as expected?

The OCSP timeout threshold is hardcoded to 2 seconds, which is not flexible enough. One of our notation customers encounters timeout issues frequently, so we need to provide a way to customize the OCSP timeout threshold.

What did you expect to happen?

provide a way to customize the OCSP timeout threshold

How can we reproduce it?

Do signature verification with a OCSP server that has high latency

Describe your environment

Linux amd64

What is the version of your Notation CLI or Notation Library?

Notation v1.2.0-alpha.1

JeyJeyGao avatar Jun 25 '24 05:06 JeyJeyGao

I'd say this is more an enhancement than a bug? Because the '2 second' default threshold is from Notary Project's spec: https://github.com/notaryproject/specifications/blob/main/specs/trust-store-trust-policy.md#ocsp-download

ghost avatar Jul 18 '24 02:07 ghost

Updated.

JeyJeyGao avatar Jul 22 '24 02:07 JeyJeyGao