[OpenCA-Devel] Unknown serial support patch (CA/B Forum BR v1.1.9)

[Vyronas T. <vts...@it...>]

CA/B Forum guideline v1.1.9 (since v1.0.3) Section 13.2.6 demands that 
an OCSP responder should not return GOOD to a request about an 
unrecognized serial. This patch implements that by logging the unknown 
serial and returning UNAUTHORIZED to the client. The serials are 
provided by a file that is specified in the CA configuration. A timeout 
option is supplied to reload the file each 'timeout' seconds. The 
serials file must be plaintext with each serial in hex (w/o "0x") and 
delimited by "\n".

The pull request in question is this: 
https://github.com/openca/openca-ocspd/pull/2