This is all true; OCSP-stapling is the thing these days.
But these browsers won't trust a cert if it can't be found a Certificate Transparency log. Yes, a cert should be in at least two of them but if there's a networking problem or infrastructure issue, you're SOL.
But these browsers won't trust a cert if it can't be found a Certificate Transparency log. Yes, a cert should be in at least two of them but if there's a networking problem or infrastructure issue, you're SOL.