macOS Big Sur launch appears to cause temporary slowdown in even non-Big Sur Macs
▻https://arstechnica.com/gadgets/2020/11/macos-big-sur-launch-appears-to-cause-temporary-slowdown-in-even-non-bi
It didn’t take long for some Mac users to note that trustd—a macOS process responsible for checking with Apple’s servers to confirm that an app is notarised—was attempting to contact a host named ocsp.apple.com but failing repeatedly. This resulted in systemwide slowdowns as apps attempted to launch, among other things.
[...]
The “OCSP” part of the hostname refers to Online Certificate Status Protocol stapling, or just “certificate stapling.” Apple uses certificate stapling to help streamline the process of having millions of Apple devices checking the validity of millions and millions of certificates every day.
#ocsp #Gatekeeper #privacy #TLS
▻https://en.wikipedia.org/wiki/OCSP_stapling
The Online Certificate Status Protocol (OCSP) stapling, formally known as the TLS Certificate Status Request extension, is a standard for checking the revocation status of X.509 digital certificates.[1] It allows the presenter of a certificate to bear the resource cost involved in providing Online Certificate Status Protocol (OCSP) responses by appending ("stapling") a time-stamped OCSP response signed by the CA to the initial TLS handshake, eliminating the need for clients to contact the CA, with the aim of improving both security and performance.