[SSL Observatory] Fixing Revocation, security policy

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Sep 22 07:22:56 PDT 2011


Phillip Hallam-Baker <hallam at gmail.com> writes:

>The CAs I have worked with have always known the set of issued certs. 

The CAs *thought* they knew the set of issued certs.  As did DigiNotar.

>It was not an issue.

It wasn't an issue with DigiNotar either, until suddenly it was.

>What is the error response that a CA is meant to give when it receives a
>status request for a cert it knows was never issued?

According to OCSP either "not revoked" (confusingly labelled "good" in the
spec) or "unknown", depending on how the implementer feels at the time.
Relying parties can interpret this in any way they want, frequently as "the
cert is valid" since it's not "revoked".

(People were arguing over what the status values in OCSP meant long before it
became an RFC, so this isn't a new issue).

>If there isn't one we should fix OCSP in PKIX. I believe that was planned in
>any case.

PKIX have stated on several occasions, quite definitely, that they don't want
this changed and won't change it.  Thus my earlier comment about finally being
able to see what happens when hard reality collides with PKIX fantasy.

I think your comment:

  If there isn't one we should fix OCSP in PKIX. 

should really be phrased:

  If there isn't one we should fix PKIX.

A reformat and reinstall would be a good start [0].

Peter.

[0] Actually that's probably not the best approach.  At the moment PKIX serves
    as a convenient tarpit for a bunch of people who would be causing a
    tremendous amount of damage if they suddenly decided to stick their oars
    into other standards groups.  So it does serve a useful purpose, and
    disbanding it would probably be a bad idea.
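The ambiguity described above (OCSP "good" meaning only "not known to be revoked", and relying parties accepting anything that is not "revoked") modelled as an added example; this is not code from the post or from any CA or PKIX implementation, and the serial numbers, responders and policies are constructed for illustration:

```python
from enum import Enum


class CertStatus(Enum):
    # RFC 2560 CertStatus values. "good" asserts only that the responder
    # does not know the cert to be revoked, not that the CA ever issued it.
    GOOD = "good"
    REVOKED = "revoked"
    UNKNOWN = "unknown"


# Constructed sample data, not real CA records.
ISSUED_SERIALS = {0x1001, 0x1002, 0x1003}
REVOKED_SERIALS = {0x1002}
ROGUE_SERIAL = 0x9999  # a serial this CA never issued (the DigiNotar scenario)


def crl_backed_responder(serial):
    """Responder that consults only the revocation list: anything not on it
    is reported as 'good', including serials the CA has no record of."""
    return CertStatus.REVOKED if serial in REVOKED_SERIALS else CertStatus.GOOD


def issuance_aware_responder(serial):
    """Responder that also checks the issued-cert database and answers
    'unknown' for serials it has never seen."""
    if serial in REVOKED_SERIALS:
        return CertStatus.REVOKED
    if serial in ISSUED_SERIALS:
        return CertStatus.GOOD
    return CertStatus.UNKNOWN


def lax_relying_party(status):
    """Common client behaviour: accept anything that is not 'revoked'."""
    return status != CertStatus.REVOKED


def strict_relying_party(status):
    """Fail-closed client: accept only an explicit 'good'; 'unknown' is a rejection."""
    return status == CertStatus.GOOD


def evaluate(responder, relying_party, serial):
    """True if the relying party would accept the cert with this serial."""
    return relying_party(responder(serial))
```

Only the combination of a responder that knows the issued set and a client that rejects "unknown" stops the rogue serial; a strict client in front of a CRL-backed responder still accepts it, because the responder itself says "good".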
