Re: [TLS] New version of Multiple OCSP mode of Certificate Status extension
"Yngve Nysaeter Pettersen" <yngve@opera.com> Mon, 02 August 2010 16:45 UTC
Return-Path: <yngve@opera.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 2A1173A6950; Mon, 2 Aug 2010 09:45:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.949
X-Spam-Level:
X-Spam-Status: No, score=-5.949 tagged_above=-999 required=5 tests=[AWL=0.650, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2PcpIyRithZw; Mon, 2 Aug 2010 09:45:25 -0700 (PDT)
Received: from smtp.opera.com (smtp.opera.com [213.236.208.81]) by core3.amsl.com (Postfix) with ESMTP id D263C3A67E7; Mon, 2 Aug 2010 09:45:24 -0700 (PDT)
Received: from killashandra.oslo.osa (pat-tdc.opera.com [213.236.208.22]) by smtp.opera.com (8.14.3/8.14.3/Debian-5+lenny1) with ESMTP id o72Gjhvp015749 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 2 Aug 2010 16:45:45 GMT
Content-Type: text/plain; charset="iso-8859-15"; format="flowed"; delsp="yes"
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
References: <E1OfxqR-00006L-FJ@wintermute02.cs.auckland.ac.nz>
Date: Mon, 02 Aug 2010 18:45:13 +0200
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
From: Yngve Nysaeter Pettersen <yngve@opera.com>
Organization: Opera Software
Message-ID: <op.vgtktnagvqd7e2@killashandra.oslo.osa>
In-Reply-To: <E1OfxqR-00006L-FJ@wintermute02.cs.auckland.ac.nz>
User-Agent: Opera Mail/10.54 (Win32)
Cc: pkix@ietf.org, tls@ietf.org
Subject: Re: [TLS] New version of Multiple OCSP mode of Certificate Status extension
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: yngve@opera.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Aug 2010 16:45:26 -0000
On Mon, 02 Aug 2010 18:26:31 +0200, Peter Gutmann <pgut001@cs.auckland.ac.nz> wrote: > "Yngve Nysaeter Pettersen" <yngve@opera.com> writes: > >> This issue will not be any different from the current situation; When >> they >> check OCSP, clients only check the site certificate. If they check >> revocation >> for intermediates they use CRLs. In fact, for Opera's part, we retrieve >> CRLs >> while verifying the certificate, OCSP after the certificate has been >> checked, >> so CRLs are more "dangerous" from that perspective. > > Just out of interest, is this a pure performance optimisation, or a tacit > recognition of the fact that no public CA cert has ever been revoked no > matter > how negligently the CA has behaved [0] (and it's unlikely that one ever > will > because the collateral damage incurred makes it politically untenable), > therefore there's no need to spend too much time on revocation checks? > > What do other implementations do? Does anyone check CA certs for > revocation > when they process a cert chain? AFAIK, currently all the major browsers check for OCSP for the site certificates (IE for Vista and later, XP requires a preference change IIRC), I am not quite sure about CRLs, but checking intermediates is a requirement for Extended Validation verification. I didn't see any need to distinguish the cases, so we check CRLs for all certificates that identify them (and if one certificate have a CRL defined, we require them for all certificates below the Root, except the ones we check OCSP for, or we remove the padlock) Previously, intermediate CA roots were usually issued just to the CA that owned the Root, now I am seeing a tendency to issue intermediate CA certificates to larger companies, for example. Worst case, it might be that it is only a question of time before an intermediate CA have to be revoked (That is different from revoking a Root, where the collateral damage will be huge if it ever happens, but in such a case the Root key has probably been compromised). The optimization benefits for my proposals, is that the client need to check fewer online revocation resources than before, and they will preferably be more up to date, in the best case it does not have to check any online resources since the server provided them all. For the CA, there will ultimately be less traffic to the server, and it will depend less on the number of users, and more on the number of customers. -- Sincerely, Yngve N. Pettersen ******************************************************************** Senior Developer Email: yngve@opera.com Opera Software ASA http://www.opera.com/ Phone: +47 23 69 32 60 Fax: +47 23 69 24 01 ********************************************************************
- [TLS] New version of Multiple OCSP mode of Certif… Yngve N. Pettersen (Developer Opera Software ASA)
- Re: [TLS] New version of Multiple OCSP mode of Ce… Adam Langley
- Re: [TLS] New version of Multiple OCSP mode of Ce… Yngve Nysaeter Pettersen
- Re: [TLS] New version of Multiple OCSP mode of Ce… Yngve N. Pettersen
- Re: [TLS] New version of Multiple OCSP mode of Ce… Adam Langley
- Re: [TLS] New version of Multiple OCSP mode of Ce… Brian Smith
- Re: [TLS] New version of Multiple OCSP mode of Ce… Brian Smith
- Re: [TLS] New version of Multiple OCSP mode of Ce… Yngve N. Pettersen
- Re: [TLS] New version of Multiple OCSP mode of Ce… Rob Stradling
- Re: [TLS] New version of Multiple OCSP mode of Ce… Rob Stradling
- Re: [TLS] New version of Multiple OCSP mode of Ce… Yngve Nysaeter Pettersen
- Re: [TLS] New version of Multiple OCSP mode of Ce… Peter Gutmann
- Re: [TLS] New version of Multiple OCSP mode of Ce… Yngve Nysaeter Pettersen
- Re: [TLS] New version of Multiple OCSP mode of Ce… Brian Smith
- Re: [TLS] New version of Multiple OCSP mode of Ce… Peter Gutmann
- Re: [TLS] New version of Multiple OCSP mode of Ce… Peter Gutmann
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Rob Stradling
- Re: [TLS] New version of Multiple OCSP mode of Ce… Yngve Nysaeter Pettersen
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Yngve Nysaeter Pettersen
- Re: [TLS] New version of Multiple OCSP mode of Ce… Martin Rex
- Re: [TLS] New version of Multiple OCSP mode of Ce… Adam Langley
- Re: [TLS] New version of Multiple OCSP mode of Ce… Martin Rex
- Re: [TLS] New version of Multiple OCSP mode of Ce… Martin Rex
- Re: [TLS] New version of Multiple OCSP mode of Ce… Yngve N. Pettersen (Developer Opera Software ASA)
- Re: [TLS] New version of Multiple OCSP mode of Ce… Marsh Ray
- Re: [TLS] New version of Multiple OCSP mode of Ce… Martin Rex
- Re: [TLS] New version of Multiple OCSP mode of Ce… Martin Rex
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Miller, Timothy J.
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Martin Rex
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Marsh Ray
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Miller, Timothy J.
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Miller, Timothy J.
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Martin Rex
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Yngve N. Pettersen (Developer Opera Software ASA)
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Rob Stradling
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Martin Rex
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Nicolas Williams
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Martin Rex
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Nicolas Williams
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Martin Rex
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Nicolas Williams
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Peter Gutmann
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Peter Gutmann
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Peter Gutmann
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Miller, Timothy J.
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Martin Rex
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Peter Gutmann
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Nicolas Williams
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Peter Gutmann
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Nicolas Williams
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Dr Stephen Henson
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Martin Rex
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Nicolas Williams
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Peter Gutmann
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Nicolas Williams
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Peter Gutmann
- Re: [TLS] [pkix] New version of Multiple OCSP mod… Miller, Timothy J.
- Re: [TLS] [pkix] Accessing arbitrary AIA URLs Matt McCutchen