IETF Logo Mail Archive

Re: [pkix] New draft-ietf-pkix-rfc2560bis-06

mrex@sap.com (Martin Rex) Wed, 24 October 2012 22:40 UTC

Return-Path: <mrex@sap.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BC8421F0C54 for <pkix@ietfa.amsl.com>; Wed, 24 Oct 2012 15:40:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.211
X-Spam-Level:
X-Spam-Status: No, score=-10.211 tagged_above=-999 required=5 tests=[AWL=0.038, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v45KnCXPAMlE for <pkix@ietfa.amsl.com>; Wed, 24 Oct 2012 15:40:42 -0700 (PDT)
Received: from smtpde01.sap-ag.de (smtpde01.sap-ag.de [155.56.68.170]) by ietfa.amsl.com (Postfix) with ESMTP id 007E51F0C49 for <pkix@ietf.org>; Wed, 24 Oct 2012 15:40:41 -0700 (PDT)
Received: from mail.sap.corp by smtpde01.sap-ag.de (26) with ESMTP id q9OMeaBP011090 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Thu, 25 Oct 2012 00:40:37 +0200 (MEST)
In-Reply-To: <010201cdb06a$7a37c670$6ea75350$@ditenity.com>
To: Piyush Jain <piyush@ditenity.com>
Date: Thu, 25 Oct 2012 00:40:35 +0200
X-Mailer: ELM [version 2.4ME+ PL125 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="US-ASCII"
Message-Id: <20121024224035.E6D7E1A2F3@ld9781.wdf.sap.corp>
From: mrex@sap.com
X-SAP: out
Cc: 'Peter Rybar' <peterryb@gmail.com>, 'Stefan Santesson' <stefan@aaa-sec.com>, pkix@ietf.org
Subject: Re: [pkix] New draft-ietf-pkix-rfc2560bis-06
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: mrex@sap.com
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 24 Oct 2012 22:40:42 -0000

Piyush Jain wrote:
> 
> The people who are convinced that this is the way to go have not addressed
> the issues raised in this WG. The little extension does not hurt anyone but
> it does not provide any value in general except to a few implementations
> which are compromised. But it does take you down a slippery slope when you
> start promising that an OCSP responder can do much more than it is supposed
> to.
> 
> I don't think that it is unreasonable for a smart implementer to stop
> signature checking if his responder claims that it checks issuance. 


I completely fail to follow your argument here.

When you say "stop signature checking", do you mean checking the
CA signature on the certificate for which you perform the OCSP request?

In the exceptional case that
  - you exclusively use a securely preconfigured local OCSP responder,
  - this securely preconfigured local OCSP responder uses the optional
    cert hash extension in his responses and the hash returned with
    a good response matches the cert in question
  - you fully trust that securely preconfigured local OCSP responder
    to issue any cert it pleases like an omnipotent universal CA

then you may omit the signature check on the certificate in question.

In all other situations, you MUST verify the CA signature of the certificate
before using any OCSP AIA in that cert to query its status -- or you
misunderstand the X.509 security architecture and why it is vitally
important that (a) (1) is the very first step in the certificate
processing specified in PKIX/rfc5280:

   http://tools.ietf.org/html/rfc5280#section-6.1.3


-Martin

v2.23.0 | Report a Bug | By Email