httpd-dev mailing list archives

From Dr Stephen Henson <shen...@oss-institute.org>
Subject Re: mod_ssl OCSP questions
Date Fri, 30 Nov 2007 17:04:21 GMT
Joe Orton wrote:
> Many thanks for the detailed response!  Everything taken on board, with 
> one further question:
> 
> On Thu, Nov 29, 2007 at 09:35:40PM +0000, Dr Stephen Henson wrote:
> ...
>> OpenSSL supports #1 and #2 directly so these should be automatic if the
>> OpenSSL OCSP API has been used correctly.
>>
>> A limited form of #3 is implemented in OpenSSL. A generalised version
>> might be more appropriate in some circumstances but would need
>> additional configuration options to implement.
> 
> Making the responder signature verification configurable in mod_ssl 
> would just involve setting up a different set of trusted certs in an 
> X509_STORE_CTX and passing that as the context parameter to 
> OCSP_basic_verify(), right?  (When you say "OpenSSL supports...", I 
> wonder if there is something more subtle here)
> 

There isn't any need to have a separate store really. A set of root CAs
for different purposes can share a common store with each one given an
appropriate set of trust settings. These can be edited using the OpenSSL
'x509' utility.

The idea here for example is that a root CA can be labeled as trusted
for client authentication or server authentication only.

To retain compatibility with root CAs without trust settings, most are on
by default.

OCSP signing is an exception which is off by default.

When a root has OCSP signing trust enabled any chain leading to it can
be used to sign arbitrary OCSP requests. This is a specific case of #3
where a special chain is used as a "global responder" which is trusted
to give status information about any CA.

There's some more info about this at:

http://www.openssl.org/docs/apps/ocsp.html#OCSP_Response_verification_

In some cases that is too wide and restrictions on the set of CAs a
given chain can authorise are more appropriate.

We could in future extend the OpenSSL trust settings to authorise chains
only for specific CAs (e.g. by OCSP IDs). That would probably make the
need for separate per-CA configuration options in mod_ssl unnecessary.

Steve.
-- 
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.co.uk/
Email: shenson@drh-consultancy.co.uk, PGP key: via homepage.
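The "global responder" behaviour Steve describes above, as an added worked example that is not part of this thread and is not OpenSSL's or mod_ssl's own code. The script builds two private roots, has a responder chaining to Root B sign an OCSP response for a certificate issued by Root A, and then checks that response against Root B with no trust settings, with serverAuth trust only, and with OCSPSigning trust added via `openssl x509 -addtrust`. It also signs a second response directly with Root A as a control. It assumes an `openssl` command-line tool of version 1.1.1 or later on PATH; the CA names, subjects, serial numbers, file names and the index.txt line are all constructed for the demo.

```shell
#!/bin/sh
# Added example: OpenSSL trust settings versus OCSP responder verification.
# Assumes the openssl CLI (1.1.1+). All names, serials and paths are constructed.
set -eu
WORK=$(mktemp -d)

# Extension sections for the demo certificates (constructed for this example).
cat > "$WORK/ext.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
[v3_root]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign, digitalSignature
[v3_ee]
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = serverAuth
[v3_ocsp]
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = OCSPSigning
EOF

# new_key_and_csr NAME CN: fresh RSA key plus a CSR carrying the given subject.
new_key_and_csr() {
    openssl req -new -newkey rsa:2048 -nodes -config "$WORK/ext.cnf" \
        -keyout "$WORK/$1.key" -subj "/CN=$2" -out "$WORK/$1.csr" 2>/dev/null
}
# self_signed_root NAME CN: self-signed CA certificate with the v3_root extensions.
self_signed_root() {
    new_key_and_csr "$1" "$2"
    openssl x509 -req -sha256 -days 30 -in "$WORK/$1.csr" -signkey "$WORK/$1.key" \
        -extfile "$WORK/ext.cnf" -extensions v3_root -out "$WORK/$1.pem" 2>/dev/null
}
# issue NAME CN ISSUER EXT_SECTION SERIAL: end-entity certificate signed by ISSUER.
issue() {
    new_key_and_csr "$1" "$2"
    openssl x509 -req -sha256 -days 30 -in "$WORK/$1.csr" \
        -CA "$WORK/$3.pem" -CAkey "$WORK/$3.key" -set_serial "$5" \
        -extfile "$WORK/ext.cnf" -extensions "$4" -out "$WORK/$1.pem" 2>/dev/null
}

self_signed_root rootA "Demo Root A"                       # issues the server cert
self_signed_root rootB "Demo Root B"                       # issues the global responder
issue server "server.example" rootA v3_ee 4660
issue responder "Global OCSP Responder" rootB v3_ocsp 4661

# Minimal CA index for Root A so "openssl ocsp -index" can answer for the server cert.
# Serial is taken from the certificate so it matches the responder's lookup format.
SERIAL=$(openssl x509 -noout -serial -in "$WORK/server.pem" | cut -d= -f2)
printf 'V\t391231235959Z\t\t%s\tunknown\t/CN=server.example\n' "$SERIAL" > "$WORK/index.txt"

# One request for the server certificate, then two responses to it: one signed by
# Root A itself (the issuer), one signed by the Root B responder for a Root A cert.
openssl ocsp -issuer "$WORK/rootA.pem" -cert "$WORK/server.pem" -no_nonce \
    -reqout "$WORK/req.der" >/dev/null 2>&1
sign_response() {   # sign_response SIGNER OUTFILE
    openssl ocsp -index "$WORK/index.txt" -CA "$WORK/rootA.pem" \
        -rsigner "$WORK/$1.pem" -rkey "$WORK/$1.key" -rmd sha256 \
        -reqin "$WORK/req.der" -respout "$2" >/dev/null 2>&1
}
sign_response rootA "$WORK/resp_issuer.der"
sign_response responder "$WORK/resp_global.der"

# Root B with explicit trust settings. OCSPSigning is the one that is off by
# default; serverAuth shows that trust for a different purpose does not count.
openssl x509 -in "$WORK/rootB.pem" -addtrust OCSPSigning -out "$WORK/rootB_ocsp.pem"
openssl x509 -in "$WORK/rootB.pem" -addtrust serverAuth  -out "$WORK/rootB_server.pem"

# verdict RESPONSE TRUSTFILE: "trusted" if openssl ocsp (OCSP_basic_verify) accepts
# the response with TRUSTFILE as the configured trust anchor, else "rejected".
verdict() {
    if openssl ocsp -respin "$1" -CAfile "$2" 2>&1 | grep -q 'Response verify OK'; then
        echo trusted
    else
        echo rejected
    fi
}

echo "issuer-signed response, Root A trusted:           $(verdict "$WORK/resp_issuer.der" "$WORK/rootA.pem")"
echo "global responder, Root B without trust settings:  $(verdict "$WORK/resp_global.der" "$WORK/rootB.pem")"
echo "global responder, Root B trusted for serverAuth:  $(verdict "$WORK/resp_global.der" "$WORK/rootB_server.pem")"
echo "global responder, Root B trusted for OCSPSigning: $(verdict "$WORK/resp_global.der" "$WORK/rootB_ocsp.pem")"
```

The first three verdicts come out `trusted`, `rejected`, `rejected` and only the last one `trusted`: the issuer-signed response passes because the signer matches the CertID's issuer, while the Root B responder has no relationship to Root A and is only accepted once Root B carries the OCSPSigning trust setting, at which point, as Steve notes, it is accepted for certificates from any CA, not just Root A. The `-addtrust` output is a `TRUSTED CERTIFICATE` PEM block, which is what mod_ssl's `SSLCACertificateFile` or a dedicated store would need to load for this to take effect.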
