What data is actually going over OCSP? I thought it was only ever checking for revocation and not actually sending app data, and I believe only ever happens when you want to take an app out of quarantine versus every app launch. You can always disable gatekeeper if you so please.
It does check for revocation. Using the developer's unique certificate ID, which, for the vast majority of developers, uniquely identifies an app. Over unencrypted HTTP.
OCSP over unencrypted http has not yet been replaced. I believe that the constellation of apps (identified by proxy by their developer IDs which are transmitted) can in a lot of cases uniquely identify a system, given a sufficient number of apps installed/used.
IP Addresses: 2600:1402:e::b833:965b
TCP Port: http (80)Protocol: TCP
Connected: no
Connects: 0 allowed, 7,359 denied
First Activity: 2/11/21, 22:20
Last Activity: 5h 29m ago
Yea sorry, sneak's right, it's still going port 80.