Hi, sadly I noticed that OCSP (security.OCSP.enabled) is still enabled in the latest TBB, I hope you are all aware that this data is sent unencrypted and can be used by CA's to track users.
 
OCSP Stapling has been a common feature of web servers since 2017, so I suppose we should rely on that instead?
 
Firefox is configured to use OCSP Stabling by default, but I still see an unencrypted OCSP connection for every https:// connection.
 
security.ssl.enable_ocsp_stapling   = true
security.ssl.enable_ocsp_must_staple   = true
 security.OCSP.enabled = 0
 
Best Regards,
Elise