https://www.immuniweb.com/ssl/ is one of several sites that evaluate security for websites and issue "grades". On that site it claims that both NIST and HIPAA standards require OCSP, a feature that is no longer available in LE certficates. Is this community aware of any upcoming changes in the sta…

NIST and HIPAA require OCSP?

Buffalo June 29, 2025, 4:38am 6

I appreciate all the responses - looks like no real solution, other than NIST and HIPAA modifying their requirements. Food for thought, anyway.

2 Likes

Topic		Replies	Views
Questions and suggestions about OCSP deprecation and CRL Issuance Tech	2	511	November 18, 2024
OCSP Must-Staple breaking Issuance Tech	15	489	February 27, 2025
Improving revocation : will Let's Encrypt support OCSP Must-staple? Feature Requests	68	23211	June 25, 2016
Adding CRL URLs to certificates API Announcements	2	2254	March 12, 2025
OCSP: URI: http://ocsp.comodoca.com - why not https?	7	10430	October 27, 2015