Hacker News new | ask | show | jobs
by phi0 682 days ago
I've checked my DNS logs and there hasn't been a single hit against ocsp.apple.com over the last year, but around 20-30 hits for ocsp2.apple.com per day per device. (iphone, macMini, macbook)

Just blocking ocsp2.apple.com is probably fine if you're running anything recent-ish.
2 comments
Wowfunhappy 682 days ago
Does Little Snitch support regex? Perhaps it should be `ocsp\d*\.apple\.com`
link
JBiserkov 682 days ago
Block ocsp3.apple.com while you're at it.

And ocsp4. And 5. Block them all!

link