Some certificate authorities have banded together to create the Certificate Authority Security Council (CASC) and they're pushing the adoption of online certificate status protocol (OCSP) stapling. What is OCSP and OCSP stapling? Should organizations only use certificates that feature the protocol?