IETF Logo Mail Archive

[lamps] The Status of OCSP and its future

"Dr. Pala" <madwolf@openca.org> Thu, 24 October 2019 15:01 UTC

Return-Path: <madwolf@openca.org>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 79E7B1209AA for <spasm@ietfa.amsl.com>; Thu, 24 Oct 2019 08:01:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VnM5rCpD3ea7 for <spasm@ietfa.amsl.com>; Thu, 24 Oct 2019 08:01:14 -0700 (PDT)
Received: from mail.katezarealty.com (mail.katezarealty.com [104.168.158.213]) by ietfa.amsl.com (Postfix) with ESMTP id 509FC1208CC for <spasm@ietf.org>; Thu, 24 Oct 2019 08:01:14 -0700 (PDT)
Received: from localhost (unknown [127.0.0.1]) by mail.katezarealty.com (Postfix) with ESMTP id 1F0BA374137D for <spasm@ietf.org>; Thu, 24 Oct 2019 15:01:14 +0000 (UTC)
X-Virus-Scanned: amavisd-new at katezarealty.com
Received: from mail.katezarealty.com ([127.0.0.1]) by localhost (mail.katezarealty.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id vBKwJGHjFwFK for <spasm@ietf.org>; Thu, 24 Oct 2019 11:01:12 -0400 (EDT)
Received: from Maxs-MBP-2.cablelabs.com (unknown [192.160.73.16]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.katezarealty.com (Postfix) with ESMTPSA id BEA47374107C for <spasm@ietf.org>; Thu, 24 Oct 2019 11:01:12 -0400 (EDT)
To: LAMPS WG <spasm@ietf.org>
From: "Dr. Pala" <madwolf@openca.org>
Message-ID: <8c84cf2c-c192-c13b-17e5-7ae09b748530@openca.org>
Date: Thu, 24 Oct 2019 09:01:12 -0600
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:60.0) Gecko/20100101 Thunderbird/60.9.0
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="------------7E8A4155E4185C847049FB45"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/Ug_HtJz5FQvLbiXIdGXH---q7N8>
Subject: [lamps] The Status of OCSP and its future
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Oct 2019 15:01:17 -0000

Hi All,

I just wanted to start the conversation around the status of revocation 
infrastructures and possible work we can be doing to address some of new 
issues deriving from the deployment of large PKIs. In particular, we are 
working on the optimization of the OCSP protocol to better serve some of 
the use-cases we have.

Specifically, for very large PKIs (i.e., few hundreds million 
certificates valid at any given time), the OCSP protocol does not scale 
well. In fact, taking into consideration how we operate OCSP responders 
today, the larger the PKI is, the higher the costs of providing a good 
revocation infrastructure is.

Our approach stem from two practical considerations: the occasion to 
provide optimized responses for the non-revoked case, and the 
possibility to reduce the number of round trips required to retrieve the 
revocation status for the full chain of certificates. In particular:

  * /*Optimizing for the common case (non-revoked certificate).*/ In
    particular, for certificates that have no revocation information, we
    do not have to provide specific responses for each individual
    certificate (as we do in the revoked case), but we can provide
    responses for ranges of certificates where the status is not
    revoked. In a PKI with a population of 100M certificate and a
    revocation rate of 5%, using "range" response types reduces the need
    for calculating OCSP responses from 100M to 1M (i.e. 2N + 1 where N
    is the population of revoked certificates). This allows to
    pre-generate responses more quickly, allows for lower costs of
    running the revocation infrastructure, and it is better for the
    planet :D

  * /*Providing Full Chain responses.*/ Although single OCSP responders
    can be authoritative for their own CA only, they can attach the
    responses for the full chain as additional data. If we add this
    possibility, then a single OCSP request can provide the
    client/server with the full chain of certificates up to the Root.
    This might be tricky in complex scenarios where cross-certification
    is used, but it would definitely work for the Web PKI and IoT use cases.

Given these considerations - and the fact that large PKIs are being 
deployed, today, for the IoT case - we would like to start the 
discussion around the current status of OCSP and possibly work on a 
proposal for moving forward with a more efficient protocol.

What do you think ? Anybody would like to tackle this problem together ?

Cheers,
Max

-- 
Best Regards,
Massimiliano Pala, Ph.D.
OpenCA Labs Director
OpenCA Logo

v2.23.0 | Report a Bug | By Email