On 21 September 2012 09:58, Ben Laurie <[email protected]> wrote:
> On 21 September 2012 06:50, Martin Rex <[email protected]> wrote:
>> Santosh Chokhani wrote:
>>> Ben Laurie,
>>>
>>> I am posting this at the suggestion of Stephen Ferrell. There is no
>>> evidence that he supports or is against my analysis. He just thought this
>>> mail list is the appropriate place to make my point.
>>>
>>> My basic tenet is that the OCSP certinfo extension being discussed in PKIX
>>> does not protect against RA compromise and may also not protect against CA
>>> compromise since the attacker who compromised the CA may be able to create
>>> an OCSP Responder certificate and either also put bogus OCSP pointer in the
>>> minted certificates or use DNS poisoning on the relying parties.
>>>
>>> Thus, I think the certificate transparency is worth discussing.
>>
>> Locating the OCSP server through AIA in the EE cert might be the
>> problem here. Maybe the OCSP responder ought to be located
>> through an extension in the CA cert itself instead?
>
> That would make CT substantially harder, because then we'd have to
> deal with authenticating chains instead of just EE certs - and EE
> certs tend to have multiple authentication chains...
To be clear, CT does not deal with revocation itself, but there's little point in detecting mis-issuance if mis-issued certificates cannot be revoked!

_______________________________________________
therightkey mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/therightkey
