[SSL Observatory] PKI "fixes" that don't fix PKI (part II)

Phillip Hallam-Baker hallam at gmail.com
Wed Sep 21 08:31:32 PDT 2011


Some folk in this thread are posting a history of how OCSP came to be that
is completely wrong.


RSA Data Security had no part in OCSP at all. At the time the protocol was
developed they were bound by the terms of a non-compete with VeriSign which
they had spun out only a few years earlier. I can't remember Netscape having
any major part in the requirements either. Certainly their involvement in
PKIX was always driven by their browser side rather than the cert server
product. Accusing anyone of scheming to promote a particular business model
in those days is to over-estimate all of us by a long way. In those days it
was rare for a business model to last much longer than the luncheon that it
was conceived in.

OCSP had two origins. The first was in the Authenticode scheme developed by
Microsoft and VeriSign before I joined. This included a response token
scheme developed by Mike Myers and Warwick Ford.

The second origin was the VeriSign interest in doing signed negotiable
documents. I had discussed some ideas on that with Warwick and Michael Baum
before joining VeriSign. The original idea of OCSP was that it would be a
way to sell insurance on a per-transaction model.


The forcing function on OCSP going into the IETF was (1) the increasing
length of the VeriSign CRL and (2) my discovery that Entrust had been issued
a patent on the CRL distribution point scheme.

Since I discovered the problem, I was given the job of rewriting the OCSP
spec as an ID which in the -00 version was (I think) authored by just myself
and Mike.


The initial proposal did not have ASN.1 involved at all. It was designed to
run over raw HTTP and take advantage of caching. This proposal was hijacked
by Valicert who rewrote the spec in ASN.1, added their name to the draft and
submitted it as an ID. This is incidentally the reason that I do not release
the copyright in my ID proposals until they have been accepted as a WG
item.

Valicert's scheme was to set itself up as a 'validation service' and turn
itself into some sort of 'PKI portal'. Yes, in those days dotcom fever was
the best weed by far and we were all high on it.

My name fell off the draft as Mike took over the political maneuvering in
response to this move.


Incidentally, the move to ASN.1 was justified by the need for
'extensibility'. So a couple of years later we proposed adding a delegated
chain formation model into OCSP and Valicert proposed SCVP as an
alternative. SCVP is broken because an SCVP client still needs to be able to
do PKIX cert handling so delegating the trust part does not actually provide
any real leverage.


So I agree on the need to re-examine OCSP, but if we are going to go into
the history of things, let's go into what actually happened and the actual
conspiracies that were going on rather than invent a new set (which is not
even as interesting).


-- 
Website: http://hallambaker.com/

