diff --git a/include/mbedtls/oid.h b/include/mbedtls/oid.h
index dd23926c4e..3fc6bf8929 100644
--- a/include/mbedtls/oid.h
+++ b/include/mbedtls/oid.h
@@ -183,6 +183,11 @@
 #define MBEDTLS_OID_TIME_STAMPING MBEDTLS_OID_KP "\x08" /**< id-kp-timeStamping OBJECT IDENTIFIER ::= { id-kp 8 } */
 #define MBEDTLS_OID_OCSP_SIGNING MBEDTLS_OID_KP "\x09" /**< id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } */
+#define MBEDTLS_OID_AD MBEDTLS_OID_PKIX "\x30" /**< id-ad OBJECT IDENTIFIER ::= { id-pkix 48 } */
+#define MBEDTLS_OID_OCSP MBEDTLS_OID_AD "\x01" /**< id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 } */
+
+#define MBEDTLS_OID_OCSP_NOCHECK MBEDTLS_OID_OCSP "\x05" /**< id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 } */
+
 /*
 * PKCS definition OIDs
 */
diff --git a/include/mbedtls/x509.h b/include/mbedtls/x509.h
index f73842a58e..a6e839281b 100644
--- a/include/mbedtls/x509.h
+++ b/include/mbedtls/x509.h
@@ -161,6 +161,7 @@
 #define MBEDTLS_X509_EXT_NS_CERT_TYPE (1 << 16)
 #define MBEDTLS_X509_EXT_AUTHORITY_INFO_ACCESS (1 << 17)
+#define MBEDTLS_X509_EXT_OCSP_NOCHECK (1 << 18)
 /*
 * Storage format identifiers
diff --git a/library/oid.c b/library/oid.c
index 7cdfe585e5..11f31aef95 100644
--- a/library/oid.c
+++ b/library/oid.c
@@ -282,6 +282,10 @@ static const oid_x509_ext_t oid_x509_ext[] =
 { ADD_LEN( MBEDTLS_OID_AUTHORITY_INFO_ACCESS ), "id-pe-authorityInfoAccess", "Authority Information Access" },
 MBEDTLS_X509_EXT_AUTHORITY_INFO_ACCESS,
 },
+ {
 { ADD_LEN( MBEDTLS_OID_OCSP_NOCHECK ), "id-pkix-ocsp-nocheck", "OCSP NoCheck" },
 MBEDTLS_X509_EXT_OCSP_NOCHECK,
 },
 {
 { NULL, 0, NULL, NULL },
 0,
diff --git a/library/x509_crt.c b/library/x509_crt.c
index 7ca95e28de..f60b99b4f1 100644
--- a/library/x509_crt.c
+++ b/library/x509_crt.c
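Review bot: The new `MBEDTLS_OID_OCSP` define in the oid.h hunk is documented as `id-ad-ocsp` while the `MBEDTLS_OID_OCSP_NOCHECK` line two below derives from `id-pkix-ocsp`, and nothing in the header says these are the same arc, so a reader checking the value against the RFCs has to know that RFC 6960 section 4.2.2.2 defines `id-pkix-ocsp ::= id-ad-ocsp`. I would make the Doxygen on the `MBEDTLS_OID_OCSP` line name both: `/**< id-ad-ocsp (also id-pkix-ocsp, RFC 6960 4.2.2.2) OBJECT IDENTIFIER ::= { id-ad 1 } */`. For the nocheck define it is also worth stating in the comment that the extension value is ASN.1 NULL per RFC 6960 section 4.2.2.2.1, since that is the fact a parser of this OID has to get right.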
@@ -730,6 +730,17 @@ static int x509_get_crt_ext( unsigned char **p,
 return( ret );
 break;
+ case MBEDTLS_X509_EXT_OCSP_NOCHECK:
+ /*
+ * Parse OCSP NoCheck
+ *
+ * TODO: It might be good to check that this extension is persent
+ * only when the Extended Key Usage is either ANY or OCSP Signing
+ */
+ if( *p != end_ext_octet )
+ return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );
+ break;
+
 case MBEDTLS_X509_EXT_AUTHORITY_INFO_ACCESS:
 /* Parse Authority Information Access */
 if( ( ret = x509_get_authority_info_access( p, end_ext_octet,
@@ -1649,6 +1660,13 @@ int mbedtls_x509_crt_info( char *buf, size_t size, const char *prefix,
 return( ret );
 }
+ if( crt->ext_types & MBEDTLS_X509_EXT_OCSP_NOCHECK )
+ {
+ ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: NULL",
+ prefix, "OCSP nocheck" );
+ MBEDTLS_X509_SAFE_SNPRINTF;
+ }
+
 if( crt->ext_types & MBEDTLS_X509_EXT_AUTHORITY_INFO_ACCESS )
 {
 ret = mbedtls_snprintf( p, n, "\n%s%-" BC "s: ",
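Review bot: The `if( *p != end_ext_octet ) return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );` added in the `MBEDTLS_X509_EXT_OCSP_NOCHECK` case accepts only a zero-length extnValue, but RFC 6960 section 4.2.2.2.1 defines the extension value as ASN.1 NULL, so a conformant responder certificate carries `05 00` inside the OCTET STRING and would be rejected here, which presumably fails the whole certificate parse given the `return` pattern in the surrounding cases. Some issuers do emit an empty extnValue for this extension, so the parser should tolerate both forms: an empty value, or exactly one NULL tag of length zero that ends at `end_ext_octet`. The sketch below reuses the function's `ret` and a `len` local and folds the ASN.1 error into the X.509 error the way the file appears to elsewhere; `x509_get_crt_ext` begins and ends outside this hunk, so confirm those locals and that convention there. While touching the comment, "persent" should read "present".
```c
            case MBEDTLS_X509_EXT_OCSP_NOCHECK:
                /*
                 * RFC 6960 4.2.2.2.1: the value is ASN.1 NULL (05 00).
                 * Also tolerate an empty extnValue, which some issuers emit.
                 */
                if( *p != end_ext_octet )
                {
                    if( ( ret = mbedtls_asn1_get_tag( p, end_ext_octet, &len,
                                                      MBEDTLS_ASN1_NULL ) ) != 0 )
                        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS + ret );
                    if( len != 0 || *p != end_ext_octet )
                        return( MBEDTLS_ERR_X509_INVALID_EXTENSIONS );
                }
                break;
            /* … unchanged: MBEDTLS_X509_EXT_AUTHORITY_INFO_ACCESS case … */
```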