Yeah - the cert would have to be shorter than the longest acceptable OCSP response for certificates. I think that's set to 10 days in the CAB Forum, but I'd be surprised if anyone issues OCSP responses that are valid that long.
The issue of revocation checking is where the proposal died in the CAB Forum. Opponents argued that mis-issued certificates are revoked immediately after issuance, meaning that traditional revocation is, on average, faster than short-lived certificates, since the revocation usually occurs before the revocation information is cached.

Jeremy

-----Original Message-----
From: dev-security-policy [mailto:dev-security-policy-bounces+jeremy.rowley=digicert....@lists.mozilla.org] On Behalf Of Brian Smith
Sent: Thursday, September 4, 2014 5:07 PM
To: Gervase Markham
Cc: mozilla-dev-security-pol...@lists.mozilla.org
Subject: Re: Short-lived certs

On Thu, Sep 4, 2014 at 6:04 AM, Gervase Markham <g...@mozilla.org> wrote:
> On 04/09/14 12:52, Hubert Kario wrote:
>> It all depends on the exact definition of "short-lived". If the
>> definition is basically the same as for OCSP responses or shorter,
>> then yes, they provide the same security as regular certs with hard
>> fail for OCSP querying/stapling.
>
> The exact definition of "short-lived" is something I want to declare
> out of scope for this particular discussion.

Precisely defining a short-lived certificate is a prerequisite for a proper discussion of policy for short-lived certificates. It seems likely to me that short-lived certificates will be defined as certificates that would expire before the longest-acceptable-life OCSP response for that certificate would expire. Then it would be easy to understand the security properties of short-lived certificates, given that we understand the security properties of OCSP.

Previously, we decided it was important that we have evidence that the OCSP responder knows about all certificates that were issued by the CA, so we made it a requirement that OCSP responders must not return "Good" for certificates that they do not know about. But accepting short-lived certificates is equivalent to an OCSP responder returning "Good" for all certificates, whether it knows about them or not.

So, we need to decide whether this aspect (a type of multi-factor authentication or counter-signature mechanism) is really important or not. It seems wrong for us to make it mandatory for long-lived certificates but not short-lived certificates, considering that the highest period of risk is immediately after issuance.

Cheers,
Brian
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
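The exchange above turns on two competing claims: Hubert's that a certificate whose lifetime is no longer than an OCSP response's provides the same security as hard-fail OCSP, and Jeremy's that immediate revocation of a mis-issued certificate usually beats a short-lived certificate because the revocation lands before any "good" answer has been cached. The following toy model is an added example, written by the editor and not posted by any participant in the thread. It assumes hard-fail OCSP semantics in which a "good" response already held by the client (fetched or stapled) is honoured until its validity ends, uses hours from issuance as the unit, and takes the 10-day OCSP bound from Jeremy's "I think" as a parameter rather than as a statement of the current Baseline Requirements. The `Cert` type and function names are the editor's own.

```python
# Added example, not part of the mailing-list thread. A toy model of the
# "exposure window": how many hours a client keeps accepting a mis-issued
# certificate after the CA has revoked it, under the two regimes the thread
# compares:
#   1. a long-lived cert checked with hard-fail OCSP, where a "good" response
#      the client already holds (fetched or stapled) is trusted until it
#      expires or the cert does (assumption: typical client caching);
#   2. a short-lived cert accepted with no revocation check until notAfter.
# All times are hours from issuance. MAX_OCSP_VALIDITY_H is the "10 days"
# figure quoted in the thread; it is a parameter of the model, not a claim
# about current CA/Browser Forum requirements.
from dataclasses import dataclass

MAX_OCSP_VALIDITY_H = 10 * 24.0  # assumption taken from the thread's "10 days"


@dataclass(frozen=True)
class Cert:
    not_before: float  # hours from issuance (0.0 for the cert itself)
    not_after: float   # hours from issuance

    @property
    def lifetime(self) -> float:
        return self.not_after - self.not_before


def is_short_lived(cert: Cert, max_ocsp_validity: float = MAX_OCSP_VALIDITY_H) -> bool:
    """Brian Smith's proposed definition: the cert expires no later than the
    longest-acceptable OCSP response for it would."""
    return cert.lifetime <= max_ocsp_validity


def exposure_ocsp(cert: Cert, revoked_at: float, good_seen_at: float,
                  ocsp_validity: float = MAX_OCSP_VALIDITY_H) -> float:
    """Hours after revocation during which a hard-fail OCSP client still
    accepts the cert, given that it last obtained a "good" response at
    good_seen_at and reuses it until that response (or the cert) expires."""
    if good_seen_at >= revoked_at:
        # Fresh query after revocation: responder answers "revoked", client rejects.
        return 0.0
    cached_until = min(good_seen_at + ocsp_validity, cert.not_after)
    return max(0.0, cached_until - revoked_at)


def exposure_short_lived(cert: Cert, revoked_at: float) -> float:
    """Hours after revocation during which a client that performs no
    revocation check still accepts the short-lived cert: until notAfter."""
    return max(0.0, cert.not_after - revoked_at)


def worst_case_ocsp(cert: Cert, ocsp_validity: float = MAX_OCSP_VALIDITY_H) -> float:
    """Supremum of exposure_ocsp over all good_seen_at < revoked_at: a "good"
    answer obtained just before revocation is honoured for at most the
    response lifetime, and never past notAfter."""
    return min(ocsp_validity, cert.lifetime)


def worst_case_short_lived(cert: Cert) -> float:
    """Supremum of exposure_short_lived: revocation at the moment of issuance
    leaves the cert accepted for its whole lifetime."""
    return cert.lifetime


def scenarios() -> dict:
    """The two situations argued in the thread, with a mis-issued cert
    revoked one hour after issuance (constructed inputs)."""
    long_lived = Cert(0.0, 365 * 24.0)
    short = Cert(0.0, 72.0)
    revoked_at = 1.0
    return {
        # Jeremy's point: no client cached a "good" answer before revocation,
        # so traditional revocation is immediate while the short-lived cert
        # lives on until notAfter.
        "ocsp_fresh_client": exposure_ocsp(long_lived, revoked_at, good_seen_at=2.0),
        "short_lived_same_client": exposure_short_lived(short, revoked_at),
        # Hubert's point: a "good" answer cached before revocation is honoured
        # until it expires, so the bound is the OCSP validity, and a cert no
        # longer than that bound can do no worse.
        "ocsp_cached_client": exposure_ocsp(long_lived, revoked_at, good_seen_at=0.5),
        "ocsp_worst": worst_case_ocsp(long_lived),
        "short_lived_worst": worst_case_short_lived(short),
    }


if __name__ == "__main__":
    for name, hours in scenarios().items():
        print(f"{name:>24}: {hours:6.1f} h")
```

Running the scenarios shows both participants are right about different quantities: the worst case for a 72-hour certificate (72 h) is below the worst case for a cached OCSP response (240 h), which is Hubert's equivalence, while a client that first encounters the certificate after revocation rejects the long-lived one immediately but accepts the short-lived one for its remaining 71 hours, which is the average-case effect Jeremy describes.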