Re: [TLS] Justification

"Brian Smith" <> Wed, 12 May 2010 17:26 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id AB0B028C160 for <>; Wed, 12 May 2010 10:26:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -0.742
X-Spam-Status: No, score=-0.742 tagged_above=-999 required=5 tests=[AWL=-0.557, BAYES_40=-0.185]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id mgW+tnByaKzN for <>; Wed, 12 May 2010 10:26:02 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id E7F4528C184 for <>; Wed, 12 May 2010 10:01:23 -0700 (PDT)
Received: from T60 (unknown []) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 6FEAE509DC; Wed, 12 May 2010 13:01:06 -0400 (EDT)
From: "Brian Smith" <>
To: "'Adam Langley'" <>
References: <> <> <> <> <> <> <> <> <> <004901caf1ea$783e23a0$68ba6ae0$> <>
In-Reply-To: <>
Date: Wed, 12 May 2010 12:01:07 -0500
Message-ID: <006501caf1f4$b9ad3150$2d0793f0$>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Outlook 14.0
Thread-Index: AQHHMro8BXdqp6B5/qHhToooO2CPmgGfG5qMAaJ7oHgBywOFAwFvQCN6Al9XCi8CV+kowwInHXWlAcqsZDQBQ8brsAG7bSMGAl3emYc=
Content-Language: en-us
Subject: Re: [TLS] Justification
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 12 May 2010 17:26:03 -0000

Adam Langley wrote:
> On Wed, May 12, 2010 at 11:47 AM, Brian Smith <> wrote:
> I don't think that a caching mechanism based on hashing the OCSP responses is
> going to be optimal for this. A different caching mechanism that allows the
> client to ask specifically for only *newer* (not just *different*) OCSP responses
> would be much better.
> The specific case that I'm worried about is a client connecting to a
> server for which the previously cached OCSP responses have expired.
> As an example, consider a server which returns two certificates: 806
> and 807 bytes long. The OCSP responses for these certs are 1085 bytes
> long. So the total return is 3783 bytes, not including the overhead of
> the ServerHello etc. This is very close to the three packet limit.

Yes, I understand. But, just because the server has a different OCSP response, doesn't mean that it's OCSP response is better than the cached one. For example, two responses could have different producedAt times but the same thisUpdate/nextUpdate times. Or, even thisUpdate might be slightly newer, but not enough to make it worthwhile to download it. AFAICT, optimally the client would ask for an OCSP response with thisUpdate >= X, where X is some time significantly later than its cached OCSP response's thisUpdate but before its cached OCSP's responses nextUpdate.

At any rate, I think it would be better to discuss the optimal way of caching OCSP responses first, independent of syntax. Then it would be clear whether this syntax or another one would be best.