It discusses httpd's (and nginx's) broken OCSP stapling implementations. This is outside of my wheelhouse, but wanted to raise awareness for someone familiar with that code who may be interested in taking a look. The post references bz57121 from 2014(!).
Please note also that I had some conversations with the Linux
Foundation / Core Infrastructure Initiative about OCSP stapling and
they indicated that they would consider to provide funding if there's an
effort to improve the situation.
Did you receive any reply on this from a httpd dev? I am currently about to embark on a project in the OCSP neighbourhood, so I do not have 100% time available right now. But I would be sorry to leave such an opportunity for funded improvement of httpd go to waste...
If not, who would be a good contact at Linux Foundation / Core Infra to talk to?