Well, the issue is that when I ask the relocation server for a validity of a certain cert, it gets my IP.
Yes, back when OCSP was designed, that didn't seem to be a big deal. Wallets don't use it anyway.
Wallets don't use it, but isn't it like: wallets use OpenSSL that uses parent certificates installed in the OS, and it is the OpenSSL+OS that eventually asks the revocation server, without leaving the wallet any control over the actual process?
Sorry - it might be a stupid question, I don't know how it works, so just asking.