It would be possible theoretically to define a response timeout value for OCSP requests, such that it "failed open" if the request couldn't succeed. But honestly, this particular problem has existed for as long as I can remember, and the very best recommendation would probably be to stand up your own local responder that pulls CRLs from DISA. If you have a Microsoft site license, then you already have a free OCSP responder that works as well as the other dedicated OCSP vendors. The beauty here is that you can configure the local responder to extend revocation status beyond the CRL end-date in case the CRL stops working too.
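The two behaviours discussed above (failing open on an OCSP timeout, and honouring a locally cached CRL past its end date), modelled as a decision function. This is an added example, not part of the original post and not any vendor's responder code; `decide`, `CachedCrl`, `grace`, `fail_open`, the serial numbers and the dates are all hypothetical.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum
from typing import Optional, Tuple


class Ocsp(Enum):
    GOOD = "good"
    REVOKED = "revoked"
    UNKNOWN = "unknown"
    TIMEOUT = "timeout"  # no answer within the configured response timeout


@dataclass(frozen=True)
class CachedCrl:
    revoked_serials: frozenset
    next_update: datetime  # the CRL "end date"


def decide(serial: int, ocsp: Ocsp, crl: Optional[CachedCrl], now: datetime,
           grace: timedelta = timedelta(hours=24),
           fail_open: bool = False) -> Tuple[bool, str]:
    """Return (allow, reason); the reason is what should end up in the audit log."""
    if ocsp is Ocsp.REVOKED:
        return False, "ocsp-revoked"
    if ocsp is Ocsp.GOOD:
        return True, "ocsp-good"
    if ocsp is Ocsp.UNKNOWN:
        return False, "ocsp-unknown"
    # OCSP timed out: fall back to the locally cached CRL.
    if crl is not None:
        if serial in crl.revoked_serials:
            return False, "crl-revoked"  # a known revocation is honoured even from a stale CRL
        if now <= crl.next_update:
            return True, "crl-current"
        if now <= crl.next_update + grace:
            # Risk: anything revoked after the last CRL fetch is still accepted here.
            return True, "crl-stale-within-grace"
    # No usable revocation data left: this is the only place the policy can fail open.
    return (True, "fail-open") if fail_open else (False, "fail-closed")


# Constructed sample data: the cached CRL expired 12 hours before NOW.
UTC = timezone.utc
NOW = datetime(2024, 1, 10, 0, 0, tzinfo=UTC)
CRL = CachedCrl(frozenset({0x1001}), datetime(2024, 1, 9, 12, 0, tzinfo=UTC))

if __name__ == "__main__":
    for when in (NOW, NOW + timedelta(days=2)):
        for serial in (0x1001, 0x2002):
            print(when.date(), hex(serial), decide(serial, Ocsp.TIMEOUT, CRL, when, fail_open=True))
```

Logging the reason string separately from the allow/deny result makes it possible to count how many logons were accepted on stale or missing revocation data during an outage.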