Re: [TLS] OCSP Stapling confusion

Ryan Sleevi <> Tue, 11 December 2018 02:43 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id E41AA126CC7 for <>; Mon, 10 Dec 2018 18:43:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.649
X-Spam-Status: No, score=-1.649 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id y21PUU8wzW7e for <>; Mon, 10 Dec 2018 18:43:19 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id CE10E12426A for <>; Mon, 10 Dec 2018 18:43:18 -0800 (PST)
Received: by with SMTP id o19so1292888itg.5 for <>; Mon, 10 Dec 2018 18:43:18 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=1YItw3+9LpVVPSxI9YSryFEuo+KS+2fQ/lNOeeOVews=; b=MsSuC2kd2gEB9SVgKXExNQNJkX/oT9OlH2qa31jh3pmJyB5EtagmQ/IYtaR1SgB1l+ +AC71utQEDugM7q7TqejYyP1xvg+XyH0ULCuDvcMkQG3oIfF5n9FW90h1EIpDGblgHdX I+KbE195kmU3IEeskYzgvxnKd5Bd7Ucj2zNOg0SmseVA7Jir7SaI6bU4RgLBKvZR/QNu PWcnruJFGWs3KVaQiZSfWxBrc30HGguDDpU9nrWXHsqThMOAHQi7HxifjG6kgpFOXhdB bk+NJFLA7/7us4U+qBuYB25OjBHJQ588+PPMq/vkxn/qTD/JIwRWXLZlkH+DKvUZFDjf bjLw==
X-Gm-Message-State: AA+aEWYacjL69M2sKHNYQAriSoOk/stCUPHtxCX5qLnB13yOxpjntWbK lVREEqcv+tNIAE9KQCYzv/O8HI7W
X-Google-Smtp-Source: AFSGD/UG/lp9q6oj9XZd/YA7Js3rXBFQdeWslhdkebjlEKzX59ctPnWS22J4nm0OtzkZ0DmMHUl6zg==
X-Received: by 2002:a24:5dcd:: with SMTP id w196mr737235ita.149.1544496197721; Mon, 10 Dec 2018 18:43:17 -0800 (PST)
Received: from ( []) by with ESMTPSA id m11sm436311itb.24.2018. for <> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 10 Dec 2018 18:43:17 -0800 (PST)
Received: by with SMTP id h193so1315428ita.5 for <>; Mon, 10 Dec 2018 18:43:17 -0800 (PST)
X-Received: by 2002:a24:a3c7:: with SMTP id p190mr739180ite.39.1544496196916; Mon, 10 Dec 2018 18:43:16 -0800 (PST)
MIME-Version: 1.0
References: <> <> <>
In-Reply-To: <>
From: Ryan Sleevi <>
Date: Mon, 10 Dec 2018 21:43:05 -0500
X-Gmail-Original-Message-ID: <>
Message-ID: <>
To: Daniel Kahn Gillmor <>
Cc: "Salz, Rich" <>, "" <>
Content-Type: multipart/alternative; boundary="0000000000002c9e59057cb60be1"
Archived-At: <>
Subject: Re: [TLS] OCSP Stapling confusion
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 11 Dec 2018 02:43:21 -0000

On Mon, Dec 10, 2018 at 9:03 AM Daniel Kahn Gillmor <>

> On Mon 2018-12-10 02:24:29 +0000, Salz, Rich wrote:
> >>     * the status_request TLS extension doesn't provide a mechanism for
> >        stapling OCSP for intermediate certs.
> >
> > Nobody does this.  There's a handful of reasons, but the end result is:
> nobody does this.
> I'd be interested in hearing the reasons enumerated.  It seems to me
> like being able to promptly revoke an intermediate certificate is a
> useful bit of mechanism.  is it just because we hope the major browsers
> are clever and responsive enough that they'll push out a CRLset (or
> equivalent) when they hear of an intermediate that is found to be
> violating the BRs?

A few more reasons - speaking broadly to the "revoke intermediates" problem:

* The traditional revocation model (of CRLs and OCSP) is not as robust as
browser-based methods.
  - OCSP & CRLs both do the (Issuer+Serial number) dance, while alternative
revocation methods can use use the (Subject+SPKI), or even just the (SPKI),
as a blacklisting mechanism.
  - In the case of stapling responses for Intermediates, it's not
sufficient to 'simply' staple the response for the given intermediate - it
would have to consider all possible intermediates that chain to trust
anchors (both public and locally-configured).

* It's inefficient for the stated goal, under an adversarial model. This
applies to both leafs and intermediates.
  - While TLS 1.3 has the potential to make this better [1], the
intermediate response is generally going to be highly common between
multiple connections. There's no way (AFAIK), under V2 or 1.3, to indicate
that you already have a suitable response regarding a particular
intermediate. Past proposals [2] ran into a whole host of sharp edges of
complexity here; if memory serves, that complexity is very similar, in
terms of security/privacy/performance tradeoffs, as some of the cache
digest proposals [3] - bloom filters abound :)
  - If a client doesn't support it (and, indeed, only Microsoft provides
the relevant APIs in a safe way [4]), it's wasted bytes. Unlike
status_request_v2, AFAIK, there's no way for a 1.3 client to signal it's
uninterested in those intermediates; whether because it doesn't support
them or because it has alternative means.

* It's slow, under an adversarial model.
  - For leaves, we're talking 7 days of reusable "GOOD" response from an
adversary - the maximally permitted time under current root programs, less
than the 10 days the CABF BRs allow. For intermediates, as Ilari mentioned,
this becomes a substantially greater timescale. And this is without
touching on some of the ambiguity CAs rely on - the difference between
marking in their (internal only) database that a certificate is revoked
versus making that information publicly available (aka distributed to their
CDN). I'm told lag times may go up to an additional 7 days there.
  - For intermediates, this is "12 months". Some efforts to profile this
down [5] resulted in non-trivial pushback, given that many
non-actively-issuing certificates (offline roots/intermediates) require
ceremonies for the use of the key material - such as delegated responders
(which then opens up a whole new can of worms regarding compromises of
responder certificates - given id-pkix-ocsp-nocheck in the responders)

And this ignores some of the other "technical but not fundamental" problem,
such as few servers actually perform any form of path building or
validation on the certificates they will serve, and largely leave that to
the server administrator to configure. The lack of robust OCSP stapling
infrastructure for leaves - for which Microsoft IIS or Caddy may be the
only COTS server software robust enough to handle it - is dwarfed by the
complexity of also considering path building, possible paths, and finding
the 'ideal' intermediate and response to serve to avoid the known
challenges, let alone the challenges for some of the issues above.

To your specific question about the semantics for TLS 1.3, I don't think
that proposed semantic shift is good or desirable. I think it will both
increase inefficiency and fail to achieve the desired security properties,
as a consequence of the reasons above. Happy to expand on that, if it does
not seem like the conclusion logically follows the enumeration of problems.
That said, I also acknowledge that there aren't plans, at this time, to
support for "TLS Feature" extension, due to the policy and availability
implications, which are not technical and a consequence of the Web PKI

Hannes could speak to better threads capturing these discussions, no doubt
with CERT_OCSP_RESPONSE_PROP_ID allows per-certificate handle setting; NSS
uses ,
which is per CERTCertificate handle, except those can get shared between
connections, resulting in clobbering of the OCSP cache by 'adversarial'
peers. Of course, Firefox ignores this with"mozilla%3A%3Apsm%3A%3ANSSCertDBTrustDomain%3A%3AGetOCSPStaplingStatus%28%29+const"&redirect_type=single#162
. For Apple,
exists but doesn't provide any (documented) way of binding the
response<->certificate pairs.