SSL: welcome to digital GULAG

Let's take a look at a seemingly innocent practice of OCSP stapling. Basically it is a certification that your certificate is valid, with the certificate for the validity of your certificate being issued by your certificate authority and bundled with your original certificate. Sounds perfect! If only we could certify the validity of this second certificate too, with a third certificate issued by the same authority, would be enough, certainly, three certificates are enough for everyone. Right?

This practice stems from OSCP (an Internet protocol used for obtaining the revocation status) which is not nearly as funny, and far from «innocent».

The original OCSP implementation can introduce a significant cost for the certificate authorities (CA) because it requires them to provide responses to every client of a given certificate in real time. For example, when a certificate is issued to a high traffic website, the servers of CAs are likely to be hit by enormous volumes of OCSP requests querying the validity of the certificate.

Do you see what does this quote imply? That FOR EACH SSL CONNECTION YOU MUST ASK THE AUTHORITY'S PERMISSION. The certificate authority is now an authority that decides whether to allow or refuse your SSL connections. In real time. You no longer decide to connect to a host of your choice, this decision is moving to some authorities.

Let that sink in.

P.S. Certificate revocation (without SSL) is not that dangerous and absurd. It was initially designed to work OFFLINE, i.e. all certificates, requests and answers are strictly timestamped — which makes revocation lists valuable and transferable — this is all designed to post-factum verification of documents and such.


Only registered users can comment.