23 Apr
2016
23 Apr
'16
8:51 a.m.
On Apr 23, 2016, at 6:24 AM, Mitsuhiro Nakamura <mitsuhiro.nakamura@nabiq.co.jp> wrote:
I have to protect cert ddos attacks for OCSP server.
The solution is to limit the number of EAP authentications which can be done. And to be honest, EAP takes more work than OCSP checks. If your OCSP server can't keep up with EAP traffic, you need to upgrade your OCSP server. Alan DeKok.