On Wed, Jul 28, 2010 at 5:51 PM, Peter Gutmann <[email protected]> wrote:

> Nicolas Williams <[email protected]> writes:
>
>> Exactly. OCSP can work in that manner. CRLs cannot.
>
> OCSP only appears to work in that manner. Since OCSP was designed to be 100%
> bug-compatible with CRLs, it's really an OCQP (online CRL query protocol) and
> not an OCSP. Specifically, if I submit a freshly-issued, valid certificate to
> an OCSP responder and ask "is this a valid certificate" then it can't say yes,
> and if I submit an Excel spreadsheet to an OCSP responder and ask "is this a
> valid certificate" then it can't say no. It takes quite some effort to design
> an online certificate status protocol that's that broken.
OCSP is even better for an attacker. As the OCSP responses are unauthenticated[1], you can easily fake the response with whatever the attacker likes.

http://www.thoughtcrime.org/papers/ocsp-attack.pdf

[1] Would be silly to run OCSP over SSL ;-)

--
-- Alexandre Dulaunoy (adulau) -- http://www.foo.be/
-- http://www.foo.be/cgi-bin/wiki.pl/Diary
-- "Knowledge can create problems, it is not through ignorance
-- that we can solve them" Isaac Asimov

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [email protected]
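Added example, written for this page and not code from either poster or the linked paper: a minimal parser for the outer OCSPResponse structure (RFC 6960), which shows that an error status such as tryLater consists of nothing but the status byte and therefore carries no signature; a client policy that hard-fails on such responses instead of treating them as "probably fine"; and a toy CRL-backed responder illustrating Gutmann's point that a responder built only on a CRL answers "good" for a serial that was never issued. The DER blobs and serial numbers used below are constructed for the example.

```python
# Outer OCSPResponse ::= SEQUENCE { responseStatus ENUMERATED,
#                                   responseBytes [0] EXPLICIT OPTIONAL }
# The signature lives inside responseBytes, so a status-only response
# (malformedRequest, tryLater, unauthorized, ...) is never signed.
OCSP_STATUS = {0: "successful", 1: "malformedRequest", 2: "internalError",
               3: "tryLater", 5: "sigRequired", 6: "unauthorized"}

def _read_tlv(buf, pos):
    """Read one DER TLV (single-byte tag, definite length); return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def parse_ocsp_response(der):
    """Return (status_name, has_response_bytes) for an OCSPResponse DER blob."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("OCSPResponse must be a SEQUENCE")
    tag, status, pos = _read_tlv(body, 0)
    if tag != 0x0A or len(status) != 1:
        raise ValueError("responseStatus must be a one-byte ENUMERATED")
    has_response_bytes = pos < len(body) and body[pos] == 0xA0   # [0] EXPLICIT
    return OCSP_STATUS.get(status[0], "unknown(%d)" % status[0]), has_response_bytes

def build_error_response(status_code):
    """Encode a status-only OCSPResponse, exactly as a responder emits on error."""
    return bytes([0x30, 0x03, 0x0A, 0x01, status_code])

def client_accepts(der):
    """Hard-fail policy: only a successful response that actually carries a
    responseBytes body is a candidate for signature verification; everything
    else is treated as 'no status obtained', never as 'good'."""
    status, has_response_bytes = parse_ocsp_response(der)
    return status == "successful" and has_response_bytes

def crl_backed_status(serial, revoked_serials, issued_serials=None):
    """Toy responder. Fed only a CRL it says 'good' for a serial the CA never
    issued; given the CA's issuance log (hypothetical input) it can say 'unknown'."""
    if serial in revoked_serials:
        return "revoked"
    if issued_serials is not None and serial not in issued_serials:
        return "unknown"
    return "good"

# Constructed sample: a successful response with a (placeholder) responseBytes body.
SAMPLE_GOOD_DER = bytes([0x30, 0x08, 0x0A, 0x01, 0x00, 0xA0, 0x03, 0x04, 0x01, 0x00])
```

The five-byte tryLater blob is the whole reason a client that soft-fails on OCSP errors learns nothing from the exchange; the responder example shows why a "good" answer from a CRL-derived responder is equally weak evidence.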
