by frik 3834 days ago
Somewhere I read that EV certs (green bar) are slower because of an additional round trip or so. If it is the case, can someone point me to an article that explains this?
2 comments

Browsers actually validate the certificate through CRL / OCSP for EV sites, if I recall correctly.

That takes time and adds latency, and there are differences between CAs in OCSP server performance. Your location can obviously impact performance too. If you're performance conscious you might want to take this into account.

This is actually something people don't consider when they say certificates should be free - running these CRL / OCSP servers costs money.

https://www.imperialviolet.org/2012/02/05/crlsets.html

Netcraft does OCSP responder performance analytics: http://uptime.netcraft.com/perf/reports/performance/OCSP

Would I be right in thinking OCSP stapling would avoid the extra trip in this instance?
Yes. It's meant to lessen the load on the OCSP responders and improve performance. The server will periodically fetch the OCSP response and serve it to clients so not every client needs to do it themselves.
EV certificates require OCSP: Section 26-A of the issuing criteria requires CAs to support OCSP checking for all certificates issued after Dec. 31, 2010.

However, as the other poster notes, OCSP stapling includes recent proof that the cert hasn't been revoked in the initial handshake, removing additional round trips. See https://en.wikipedia.org/wiki/OCSP_stapling

I should add: OCSP is part of the baseline requirements, i.e. DV SSL certs will also need to support OCSP checking. See https://cabforum.org/wp-content/uploads/Baseline_Requirement...
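A practical way to verify whether a server actually staples its OCSP response (and so spares clients the extra round trip discussed above) is to read the `-status` output of `openssl s_client`. This is an added example, not code from the thread; the host name in `check_server` is a placeholder assumption.

```shell
#!/bin/sh
# Added example: classify the OCSP stapling result from `openssl s_client -status` output.
# Not from the original thread; the host name in check_server is a placeholder.

# Reads `openssl s_client -status` output on stdin and prints one of:
#   none        - no stapled response; each client would have to query the OCSP responder itself
#   stapled:<s> - a response was stapled; <s> is the Cert Status (good / revoked / unknown)
#   error       - a response was sent but its OCSP Response Status was not "successful"
ocsp_staple_status() {
    out=$(cat)
    if printf '%s\n' "$out" | grep -q 'OCSP response: no response sent'; then
        echo none
        return 0
    fi
    if ! printf '%s\n' "$out" | grep -q 'OCSP Response Status: successful'; then
        echo error
        return 0
    fi
    # Extract the first "Cert Status:" value (good, revoked or unknown).
    status=$(printf '%s\n' "$out" \
        | sed -n 's/^[[:space:]]*Cert Status:[[:space:]]*\([a-z]*\).*/\1/p' \
        | head -n 1)
    echo "stapled:${status:-unknown}"
}

# Probe a live server (network required). The default host is a placeholder assumption.
check_server() {
    host=${1:-example.com}
    printf 'Q\n' \
        | openssl s_client -connect "$host:443" -servername "$host" -status 2>/dev/null \
        | ocsp_staple_status
}
```

A result of `none` means the browser falls back to its own CRL/OCSP lookup; a stapled `revoked` status should be treated as a live incident, not a monitoring glitch.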