Neil's interpretation of my poorly-worded question was correct - thank you
and apologies for the confusion.

On Thu, Sep 12, 2019 at 5:39 PM Ryan Sleevi <> wrote:

> On Thu, Sep 12, 2019 at 11:25 AM Alex Cohn via dev-security-policy <
>> wrote:
>> Should a CA using a precertificate signing certificate be required to
>> provide OCSP services for their precertificates? Or is it on the relying
>> party to calculate the proper OCSP request for the final certificate and
>> send that instead? In other words, should we expect a CT-naïve OCSP
>> checker
>> to work normally when presented, e.g., with
>> ?
> I think this may be the wrong framing. The issue is not about ensuring "a
> CT-naïve OCSP checker" can get responses for pre-certs. It's about ensuring
> that, from the point of view of a user agent that views a pre-certificate
> as evidence that an equivalent certificate exists, even if it's not known
> (or even if it was not actually issued), can they verify that OCSP services
> exist and are configured for that equivalent certificate?

Fair point. The only relying parties likely to come across
precertificates in practice are CT log clients, and it's reasonable to
assume those will be prepared to handle edge cases like this. (How many
actually handle this correctly? doesn't, as far as I can tell - OCSP
checks for the precert I posted earlier return "unauthorized", despite the
final certificate being good)

> In this scenario, because RFC 6962 establishes that, even when using a
> Precertificate Signing Certificate, it will have been directly issued by
> the CA Certificate that will ultimately issue the "final" certificate (...
> or would be treated as if it had), then we have the (name-hash, key-hash)
> that Neil was referring to, and we can easily verify using that, for the
> serial number indicated in the pre-certificate, that the OCSP response can
> be verified using the issuer of the Precertificate Signing Certificate.

That technique was what I was attempting to hint at with "on the relying
party to calculate the proper OCSP request for the final certificate".

> Have I overlooked some ambiguity?

Not that I can think of on further reflection. Just some
unanticipated-by-me edge cases :)

dev-security-policy mailing list

Reply via email to