On 21 September 2012 06:50, Martin Rex <[email protected]> wrote:
> Santosh Chokhani wrote:
>> Ben Laurie,
>>
>> I am posting this at the suggestion of Stephen Ferrell.  There is no 
>> evidence that he supports or is against my analysis.  He just thought this 
>> mail list is the appropriate place to make my point.
>>
>> My basic tenet is that the OCSP certinfo extension being discussed in PKIX 
>> does not protect against RA compromise and may also not protect against CA 
>> compromise since the attacker who compromised the CA may be able to create 
>> an OCSP Responder certificate and either also put bogus OCSP pointer in the 
>> minted certificates or use DNS poisoning on the relying parties.
>>
>> Thus, I think the certificate transparency is worth discussing.
>
> Locating the OCSP server through AIA in the EE cert might be the
> problem here.  Maybe the OCSP responder ought to be located
> through an extension in the CA cert itself instead?

That would make CT substantially harder, because then we'd have to
deal with authenticating chains instead of just EE certs - and EE
certs tend to have multiple authentication chains...
_______________________________________________
therightkey mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/therightkey
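To make the last point concrete, here is a small added example (not from the thread or from any CT implementation) that enumerates the authentication chains of one EE certificate whose intermediate is cross-signed by two roots. The certificates are constructed name-only stand-ins with no keys or signatures; the point is that a log keyed on chains has two records to authenticate where a log keyed on the EE cert has one.

```python
from collections import defaultdict

# Constructed, name-only certificates as (subject, issuer) pairs.
# No real keys or signatures: this shows path enumeration, not verification.
CERTS = [
    ("ee.example", "Intermediate"),   # the EE cert a CT log would record
    ("Intermediate", "Root A"),       # intermediate issued by Root A
    ("Intermediate", "Root B"),       # same intermediate, cross-signed by Root B
    ("Root A", "Root A"),             # self-signed trust anchor
    ("Root B", "Root B"),             # self-signed trust anchor
]
TRUST_ANCHORS = {"Root A", "Root B"}


def all_chains(ee_subject, certs=CERTS, anchors=TRUST_ANCHORS):
    """Return every issuer path from the EE cert up to a trust anchor.

    Each chain is a list of subject names, EE first and anchor last.
    """
    issuers_of = defaultdict(list)
    for subject, issuer in certs:
        issuers_of[subject].append(issuer)
    chains = []

    def walk(name, path):
        if name in anchors:
            chains.append(path + [name])
            return
        for issuer in issuers_of[name]:
            if issuer in path:  # guard against cross-signing loops
                continue
            walk(issuer, path + [name])

    walk(ee_subject, [])
    return chains


if __name__ == "__main__":
    for chain in all_chains("ee.example"):
        print(" -> ".join(chain))
```

With the cross-signed intermediate the EE cert has two valid chains, so "authenticate the chain" is ambiguous in a way that "authenticate the EE cert" is not.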