+++ This bug was initially created as a clone of Bug #926116 +++ We should backout the backout as soon as Bug 919677 lands in mozilla-central.

We can do this after we land an updated NSS. However, the updated NSS enables OCSP fetching with OCSP GET by default with no way to disable it. That is a good thing too, but we need to test that this works correctly in Gecko. I am tempted to create a branch off of the NSS trunk that has everything that is in the NSS trunk except OCSP GET and tag that NSS_3_15_3_BETA1 because I am not sure if/when we're going to have time to verify that OCSP GET is working correctly. And/or we should add the option to NSS to disable OCSP GET support until we can get to that. Adding the option is probably best in the long-term anyway.