by citrin_ru 3388 days ago
It is questionable whether OCSP stapling reduces TLS handshake time.

Without OCSP stapling, the browser makes a slow request to the CA, but caches the result for a long time, so the slow request does not happen often.

With OCSP stapling enabled, more data is transferred between client and server on each TLS handshake.

The main proponents of OCSP stapling are CAs, because it saves them bandwidth/hardware.

1 comment

Thinking about this a bit, it seems to me that clients talking to a server with OCSP stapling support could still make use of cached OCSP responses by simply omitting the "status_request" extension in the ClientHello, which would cause the server not to send the stapled OCSP response. I don't think any clients behave that way today, though.

I'm not certain how session resumption plays into this either. If OCSP is skipped for resumed sessions as well (which would be my guess), you'd probably not take that small bandwidth hit all that often.

As an aside, OCSP stapling improves your users' privacy quite a bit as well, by not giving your CA a list of all IP addresses connecting to a domain.