OCSP is a well established protocol with properties that are well understood, the authors know it well. There are thus likely to be few surprises applying it to an application.

The document appropriately directs the reader to the well known privacy concerns of using OCSP - the party providing the responder has a source for traffic analysis.

One possible area that might deserve greater attention is the case where the OCSP responder is operated by an entirely separate party to the CA. For example, in a Lawful Intercept system.

Another possibility might be worth mentioning is that given that we expect to be using ECDH as the signature algorithm, rather than pre-generating actual signatures, a responder can pregenerate signing pairs {x, x.P}, then apply them to generating signature as needed.