Persia should correct me if I'm wrong, but my understanding is the default is no handling. The ATS core provides a default handler for OCSP and the point of this call is to set this context to use the ATS core default OCSP handler. That is how this makes OCSP easier for plugins - rather than writing a handler, the handling is delegated to the default handler in the ATS core. I'm open to better name suggestions, a name which conveys the concept "use the ATS core default OCSP handler for this context".
On Tue, Mar 27, 2018 at 5:31 PM, James Peach <jpe...@apache.org> wrote: > > > > On Mar 27, 2018, at 1:52 PM, Alan Carroll <solidwallofc...@oath.com.INVALID> > wrote: > > > > Chatting with Persia privately, I recommend changing the name to > something > > like `TSSslOCSPDefaultHandlingEnable`, which is what it really does > > (enable, for that context, the default / core OCSP handling). > > I'm confused ... isn't the default what you start with if you do nothing? > > > > > On Tue, Mar 27, 2018 at 3:23 PM, Persia Aziz > <persia.a...@yahoo.com.invalid> > > wrote: > > > >> > >> @Kit, > >> Sure. I will provide an example plugin. > >> Syeda Persia Aziz > >> Software DeveloperYahoo! Inc.Champaign, Illinois > >> > >> On Tuesday, March 27, 2018, 3:08:31 PM CDT, Shu Kit Chan < > >> chanshu...@gmail.com> wrote: > >> > >> And it would be of great help if we can have a example plugin to > >> illustrate hot this can be used. > >> > >> Thanks. > >> > >> Kit > >> > >> On Tue, Mar 27, 2018 at 1:06 PM, Alan Carroll > >> <solidwallofc...@oath.com.invalid> wrote: > >>> I made some comments on the PR. I would recommend at a minimum having a > >>> reference / link over to where the OCSP callback is described. > >>> > >>> On Tue, Mar 27, 2018 at 3:04 PM, Persia Aziz > >> <persia.a...@yahoo.com.invalid> > >>> wrote: > >>> > >>>> This API will be used for contexts created in the plugin. Since we > >> already > >>>> have the OCSP query,response and caching mechanism are already in ATS, > >> the > >>>> developer can choose to use this callback for OCSP stapling. Otherwise > >> the > >>>> whole OCSP part has to rewritten in the plugin. We have a use case > where > >>>> the plugin developer wants to use the ATS OCSP code without > duplicating > >>>> anything. > >>>> > >>>> Syeda Persia Aziz > >>>> Software DeveloperYahoo! Inc.Champaign, Illinois > >>>> > >>>> On Tuesday, March 27, 2018, 2:57:12 PM CDT, James Peach < > >>>> jpe...@apache.org> wrote: > >>>> > >>>> > >>>> > >>>>> On Mar 27, 2018, at 12:45 PM, Persia Aziz > >> <persia.a...@yahoo.com.INVALID> > >>>> wrote: > >>>>> > >>>>> TSReturnCode TSSslOCSPCallbackSet(TSSslContext ctx) > >>>>> TSSslOCSPCallbackSet sets the OCSP callback described in ATS > >>>> > >>>> What does "sets the OCSP callback described in ATS" mean? If I'm > >> writing a > >>>> plugin why would I call this API? > >>>> > >>>>> to the SSL context passed as an argument. This API is useful for > >>>> contexts created externally via plugin > >>>>> > >>>>> PR: https://github.com/apache/trafficserver/pull/3353/files > >>>> > >>>> Looking at the PR, this enables OCSP stapling? Could you please > explain > >>>> the motivating problem and rationale, and document the semantics of > the > >>>> proposed API? > >>>> > >>>> J > >>>> > >> > >> > >
