PKI should have had stapled OCSP from the word go. If it had then I think we'd probably be quite happy to use OCSP today. Given that we don't have this in place I think what Google is doing with Chrome (pushing CRLs to the browser) is a very reasonable approach, but still, I wish we could have stapled OCSP.
There are no captive portal issues with stapled OCSP. The main issue with stapled OCSP is that it's not deployed widely enough. There are probably also operational considerations, such as whether servers can be configured to fetch fresh OCSP Responses frequently enough or at all (e.g., if firewalls prevent outbound connections, in which case we might need a mechanism by which OCSP Responses can be sent to servers for them to cache).

As with other things about a certificate that we want to "pin", it'd be nice if a) servers could advertise that they always staple OCSP, and b) RPs could learn this and insist on OCSP being stapled when they've seen it stapled and advertised as "will always be stapled".

I'm thinking that, regarding HSTS, it'd be nice to have a certificate extension by which to advertise what elements of a certificate RPs should pin. Similarly, it'd be nice to have a certificate extension by which to advertise that a certificate will always have an OCSP Response stapled.

Is it too late?

Nico

-- 
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
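Editor's added example (not part of Nico's post or the list thread): the "will always be stapled" advertisement and the relying-party rule the post describes, checked against a certificate. The extension Nico asks for was later defined in RFC 7633 as the TLS Feature extension (OID 1.3.6.1.5.5.7.1.24), whose value is a SEQUENCE OF INTEGER naming TLS extension types; listing status_request (5) is what is commonly called OCSP Must-Staple. The code below hand-rolls just enough DER to build two constructed sample certificates (placeholder key, placeholder signature, a made-up `example.test` subject; nothing is signed or validated), then walks the DER to find the extension and applies the policy "insist on a stapled response only when the certificate says one will always be stapled". The helper names (`build_cert`, `extensions`, `advertises_must_staple`, `rp_decision`) are this example's own.

```python
# Added example: detect the TLS Feature (OCSP Must-Staple) extension in a DER
# certificate and apply the relying-party rule from the post.  The sample
# certificates are constructed here with a minimal DER encoder; key and
# signature are placeholders and are never checked.

TLS_FEATURE_OID = "1.3.6.1.5.5.7.1.24"  # id-pe-tlsfeature (RFC 7633)
STATUS_REQUEST = 5                       # TLS extension type "status_request"

# ---- minimal DER encoder, just enough to build the sample certificate ----
def _len(n):
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def tlv(tag, body):
    return bytes([tag]) + _len(len(body)) + body

def seq(*items):
    return tlv(0x30, b"".join(items))

def integer(n):  # non-negative values only, which is all the sample needs
    return tlv(0x02, n.to_bytes((n.bit_length() + 8) // 8, "big"))

def oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def name(cn):  # Name ::= SEQUENCE OF SET OF { type OID, value UTF8String }
    return seq(tlv(0x31, seq(oid("2.5.4.3"), tlv(0x0C, cn.encode()))))

def extension(oid_str, value, critical=False):
    crit = tlv(0x01, b"\xff") if critical else b""
    return seq(oid(oid_str), crit, tlv(0x04, value))

def build_cert(must_staple):
    """Constructed sample certificate; only the extension list is meaningful."""
    exts = []
    if must_staple:  # TLSFeatures ::= SEQUENCE OF INTEGER, here just status_request
        exts.append(extension(TLS_FEATURE_OID, seq(integer(STATUS_REQUEST))))
    sha256_rsa = seq(oid("1.2.840.113549.1.1.11"), b"\x05\x00")
    validity = seq(tlv(0x17, b"240101000000Z"), tlv(0x17, b"250101000000Z"))
    placeholder_bits = tlv(0x03, b"\x00" + b"\x00" * 16)  # not a real key/signature
    spki = seq(seq(oid("1.2.840.113549.1.1.1"), b"\x05\x00"), placeholder_bits)
    tbs = seq(tlv(0xA0, integer(2)), integer(1), sha256_rsa, name("Example CA"),
              validity, name("example.test"), spki,
              *([tlv(0xA3, seq(*exts))] if exts else []))
    return seq(tbs, sha256_rsa, placeholder_bits)

# ---- minimal DER reader (single-byte tags, definite lengths) ----
def read_tlv(buf, pos=0):
    """Return (tag, contents, position after the element)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def children(body):
    pos = 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        yield tag, val

def decode_oid(body):
    arcs, acc = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def extensions(cert_der):
    """Yield (oid, critical, extnValue bytes) for each extension in a DER cert."""
    _, cert, _ = read_tlv(cert_der)
    _, tbs, _ = read_tlv(cert)                  # tbsCertificate is the first child
    for tag, val in children(tbs):
        if tag == 0xA3:                         # [3] EXPLICIT Extensions
            _, ext_list, _ = read_tlv(val)
            for _, ext in children(ext_list):
                fields = list(children(ext))
                critical = len(fields) == 3 and fields[1][1] == b"\xff"
                yield decode_oid(fields[0][1]), critical, fields[-1][1]

def advertises_must_staple(cert_der):
    """True if the TLS Feature extension lists status_request (OCSP Must-Staple)."""
    for oid_str, _, value in extensions(cert_der):
        if oid_str == TLS_FEATURE_OID:
            _, features, _ = read_tlv(value)    # SEQUENCE OF INTEGER
            return any(int.from_bytes(v, "big") == STATUS_REQUEST
                       for _, v in children(features))
    return False

def rp_decision(cert_der, stapled_response):
    """Relying-party rule from the post: hard-fail when the certificate advertises
    'always stapled' and nothing was stapled; otherwise behave as today (accept)."""
    if advertises_must_staple(cert_der) and stapled_response is None:
        return "reject: certificate advertises OCSP Must-Staple but no response was stapled"
    return "accept"

if __name__ == "__main__":
    for flag in (True, False):
        print(flag, rp_decision(build_cert(flag), None))
```

The point of the check is that the hard-fail is keyed to the certificate's own assertion, so a captive portal or blocked OCSP responder cannot turn an ordinary certificate into a failure, while a server that has promised stapling cannot be downgraded to "no status" by stripping the stapled response from the handshake.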
