Re: OCSP Status Information on a Certificate
Note: I am not sure that this message sent on Monday reached the list.
Sorry if this is a duplicate.
==================================================================
Slava,
Thanks for joining us.
(...)
> > I fully agree. That's why I don't think that issued/not issued
> > should be a MAY: I think it has to be a MUST. We can be sure that
> > some clients will blow the comparison unless they are always told
> > whether or not the cert was even issued.
> Are we talking about fat OCSP client here ?
> Does the OCSP client in this case have full certificate chain ?
> Can we safely assume that fat OCSP client will need to verify signatures
> on the chain first, validity and other X509v3 constraints and only then
> submit OCSP request for status of every certificate in the chain ?
You are asking the right questions.
> If this is so then, essentially, OCSP client is already in the possession
> of the well-formed certificate signed by the (indirectly or directly)
> trusted CA key. In these circumstances receiving an answer "not issued"
> may only mean that CA key is compromised and "unauthorized" certificate
> has been signed. But if someone has the CA key and can sign anything
> with it (including "unauthorized" certificates) then that someone can
> also make sure that "unauthorized" certificate has the same serial number
> as one of "authorized" and as long as we only send serial number to
> identify a certificate in OCSP request the substitution of the
> "authorized" cert with "unauthorized" one will be unnoticed. This makes
> "never issued" somewhat useless for fat OCSP clients.
> Is this reasoning wrong ?
The reasoning is correct. However, I believe that your reasoning is also
valid for the other cases, i.e. I do not see how it is possible to take
a decision to accept a certificate without having that certificate in
hand, and as you correctly indicate you need anyway to verify signatures
on the chain first, validity and other X509v3 constraints.
> Also since CA archiving capacity is always finite and we are also talking
> about allowing "historical" OCSP queries "never issued" will have
> to be replaced with "info unavailable" at least in some cases. This
> further reduces the value of "never issued" status.
... which is useless.
Denis
--
Denis Pinkas Bull S.A. mailto:Denis.Pinkas@bull.net
Rue Jean Jaures B.P. 68 Phone : 33 - 1 30 80 34 87
78340 Les Clayes sous Bois. FRANCE Fax : 33 - 1 30 80 33 21
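The point argued above (an OCSP request names a certificate only by issuer hashes and serial number, so a "never issued" answer cannot protect a client that has not first verified the chain) can be shown with a small model. The code below is an added illustration, not part of this thread or of any OCSP implementation: the `Certificate` and `CertID` classes, the `ToyResponder`, and the byte strings standing in for DER-encoded issuer name and key are all constructed here. `CertID` follows the fields OCSP uses (hash algorithm, issuer name hash, issuer key hash, serial number); everything else is a stand-in.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Certificate:
    """Minimal stand-in for an X.509 certificate (constructed for this example)."""
    issuer_name_der: bytes   # would be the DER encoding of the issuer Name
    issuer_key_der: bytes    # would be the issuer's SubjectPublicKey BIT STRING
    serial: int
    subject: str             # not part of the OCSP CertID at all


@dataclass(frozen=True)
class CertID:
    """The identifier an OCSP request carries: no subject, no public key, no signature."""
    hash_alg: str
    issuer_name_hash: bytes
    issuer_key_hash: bytes
    serial: int


def make_cert_id(cert: Certificate, hash_alg: str = "sha1") -> CertID:
    """Build the OCSP CertID for a certificate from issuer hashes and serial."""
    digest = lambda data: hashlib.new(hash_alg, data).digest()
    return CertID(
        hash_alg=hash_alg,
        issuer_name_hash=digest(cert.issuer_name_der),
        issuer_key_hash=digest(cert.issuer_key_der),
        serial=cert.serial,
    )


class ToyResponder:
    """Hypothetical responder that knows which CertIDs the CA actually issued."""

    def __init__(self, issued: list[Certificate]):
        self._db = {make_cert_id(c): "good" for c in issued}

    def status(self, cert_id: CertID) -> str:
        # "not issued" for anything the CA never recorded; the responder
        # only ever sees the CertID, never the certificate itself.
        return self._db.get(cert_id, "not issued")


# Constructed sample data: one legitimately issued certificate ...
ISSUER_NAME = b"CN=Example CA (constructed)"
ISSUER_KEY = b"example-ca-public-key-bytes (constructed)"
LEGIT = Certificate(ISSUER_NAME, ISSUER_KEY, serial=42, subject="CN=alice")

# ... and one signed with a (hypothetically) compromised CA key that reuses serial 42.
ROGUE = Certificate(ISSUER_NAME, ISSUER_KEY, serial=42, subject="CN=mallory")

RESPONDER = ToyResponder(issued=[LEGIT])


def same_cert_id(a: Certificate, b: Certificate) -> bool:
    """True when two different certificates are indistinguishable to OCSP."""
    return make_cert_id(a) == make_cert_id(b)


def status_for(cert: Certificate) -> str:
    """What the responder says about a certificate, given only its CertID."""
    return RESPONDER.status(make_cert_id(cert))


if __name__ == "__main__":
    print("legit and rogue share a CertID:", same_cert_id(LEGIT, ROGUE))
    print("status for legit :", status_for(LEGIT))
    print("status for rogue :", status_for(ROGUE))
    print("status for serial 99:", status_for(Certificate(ISSUER_NAME, ISSUER_KEY, 99, "CN=nobody")))
```

Running it shows that the legitimate and the rogue certificate produce identical CertIDs and both receive "good", while a serial the CA never used gets "not issued". The only check that separates the two serial-42 certificates is the one Slava describes: verifying the chain signatures and constraints on the certificate actually in hand before asking OCSP anything, which is why OCSP status adds nothing to a client that skipped that step.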