<P> Overall performance is also improved: When the client fetches the OCSP response directly from the CA, it usually involves the lookup of the domain name of the CA's OCSP server in the DNS as well as establishing a connection to the OCSP server . When OCSP stapling is used, the certificate status information is delivered to the client through an already established channel, reducing overhead and improving performance . </P> <P> The TLS Certificate Status Request extension is specified in RFC 6066, Section 8 . </P> <P> RFC 6961 defines a Multiple Certificate Status Request extension, which allows a server to send multiple OCSP responses in the TLS handshake . </P> <P> A draft proposal for an X509v3 extension field, which expired in April 2013, specified that a compliant server presenting a certificate carrying the extension must return a valid OCSP token in its response if the status_request extension is specified in the TLS client hello . The current version of the proposal has been extended to support additional TLS extensions . TLS developer Adam Langley discussed the extension in an April 2014 article following the repair of the Heartbleed OpenSSL bug . </P>

The server does not support ocsp stapling for its rsa certificate