[gnutls-devel] OCSP RFC6961 for web servers

Tim Ruehsen tim.ruehsen at gmx.de
Wed Feb 4 16:48:00 CET 2015

On Wednesday 04 February 2015 11:01:19 Nikos Mavrogiannopoulos wrote:
> However, at the current state the
> packets generated seem to be in accordance with wireshark, so as far as
> I understand, it remains to properly support it on the server side by
> enhancing the ocsptool to generate a combined status request, as well as
> accounting the multiple OCSP responses received on peer's certificate
> verification.

Please help me to understand it.

I thought ocsptool is to generate requests (and responses) for OCSP 
responders. What has this to do with the TLS extension status_request_v2 
(despite the fact that a HTTPS server could use the responses to build 
status_request_v2 stapled responses for the 'Server Hello').

So in my understanding, we have to address the webserver people to support 
OCSP (multi-)stapling via GnuTLS (e.g. apache mod_gnutls or mod_ssl people).

BTW, how trustworthy is OCSP stapling at all ? While ClientHello/ServerHello 
we are vulnerable to MITM. Couldn't this lead to a manipulated status_request 
answer, which tells the client that the cert is valid (not revoked) ?
The only one who knows is the issuer's OCSP responder, which will be contacted 
by plain-text HTTP (but I guess the answer can be validated by the issuer of 
the issuer resp. the offline CA cert, thus no MITM thread !?).
So, isn't OCSP stapling an insecure 'shortcut'... what did I miss ?

Regards, Tim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20150204/bb2f8fec/attachment-0001.sig>

More information about the Gnutls-devel mailing list