Opened 5 years ago
Last modified 2 years ago
#6802 enhancement new
TLS: support OCSP stapling
| Reported by: | Tobias Oberstein | Owned by: | |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | core | Keywords: | TLS, pyOpenSSL, OCSP |
| Cc: | Adi Roiban, jonathan@… | Branch: | |
| Author: | | | |
Description
Quoting from [here](http://en.wikipedia.org/wiki/OCSP_stapling):
OCSP stapling, formally known as the TLS Certificate Status Request extension, is an alternative approach to the Online Certificate Status Protocol (OCSP) for checking the revocation status of X.509 digital certificates.
In short, this provides two advantages:
- [speeding up](http://blog.cloudflare.com/ocsp-stapling-how-cloudflare-just-made-ssl-30) TLS handshaking for clients
- reducing load on OCSP responders (operated by CAs)
The TLS extension is defined in [this RFC](http://tools.ietf.org/html/rfc6066#section-8) and supported by a few servers like [Nginx](http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling).
In OpenSSL, there once was a [vulnerability](https://www.rapid7.com/db/vulnerabilities/http-openssl-cve-2011-0014) that got fixed [here](http://www.openssl.org/news/secadv_20110208.txt).
For OpenSSL based servers, usage can be seen here:
- https://github.com/openssl/openssl/blob/master/apps/s_server.c#L2261
- https://github.com/openssl/openssl/blob/master/apps/s_server.c#L832
Providing support for OCSP stapling in Twisted would be great, though non-trivial. A prerequisite would be exposing the relevant bits in pyOpenSSL.
Some more info:
- http://unmitigatedrisk.com/?p=100
- http://unmitigatedrisk.com/?p=241
- https://www.imperialviolet.org/2009/12/20/setting-up-ocsp.html
- http://wiki.nikhef.nl/grid/How_to_handle_OpenSSL_and_not_get_hurt_and_what_does_that_library_call_really_do%3F#OCSP
- http://trac.nginx.org/nginx/browser/nginx/src/event/ngx_event_openssl_stapling.c
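The exchange the ticket asks for, as an added example that is not code from the ticket, from Twisted or from pyOpenSSL itself: it uses the `set_ocsp_server_callback`, `set_ocsp_client_callback` and `request_ocsp` API that pyOpenSSL exposed after this ticket was filed (assumed: pyOpenSSL 17.1 or newer with `cryptography` installed), runs the handshake between two in-memory connections, and uses a constructed self-signed certificate and a constructed placeholder in place of a real DER OCSPResponse, so the client callback only compares bytes where production code would parse and verify the response.

```python
from contextlib import suppress
from datetime import datetime, timedelta, timezone
from OpenSSL import SSL, crypto
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.x509.oid import NameOID

# Constructed stand-in for a DER OCSPResponse; a real server staples the CA responder's signed answer.
FAKE_OCSP = b"constructed-ocsp-response-placeholder"
def make_self_signed():  # throwaway cert and key, constructed for the in-memory handshake
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "stapling.example")])
    now = datetime.now(timezone.utc)
    cert = (x509.CertificateBuilder().subject_name(name).issuer_name(name)
            .public_key(key.public_key()).serial_number(x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + timedelta(days=1))
            .sign(key, hashes.SHA256()))
    return crypto.PKey.from_cryptography_key(key), crypto.X509.from_cryptography(cert)

def run_handshake(request_ocsp, accept_staple):
    key, cert = make_self_signed()
    seen = {}
    sctx = SSL.Context(SSL.TLS_METHOD)
    sctx.use_privatekey(key)
    sctx.use_certificate(cert)
    # Server side: OpenSSL calls this only if the client sent status_request; b"" would staple nothing.
    sctx.set_ocsp_server_callback(lambda conn, data: FAKE_OCSP)
    cctx = SSL.Context(SSL.TLS_METHOD)
    def client_cb(conn, ocsp_bytes, data):
        seen["stapled"] = ocsp_bytes  # b"" here means the server stapled nothing
        return accept_staple          # production code parses and verifies the response
    cctx.set_ocsp_client_callback(client_cb)
    server, client = SSL.Connection(sctx, None), SSL.Connection(cctx, None)
    server.set_accept_state()
    client.set_connect_state()
    if request_ocsp:
        client.request_ocsp()  # puts the RFC 6066 status_request extension in ClientHello
    completed = True
    for _ in range(10):  # pump handshake records between the two memory BIOs
        for src, dst in ((client, server), (server, client)):
            try:
                src.do_handshake()
            except SSL.WantReadError:
                pass
            except SSL.Error:
                completed = False  # e.g. the client refused the stapled response
            with suppress(SSL.WantReadError):  # nothing queued on this side yet
                dst.bio_write(src.bio_read(65536))
    return seen.get("stapled"), completed  # (None, ...) if the client never asked
```

A client that returns False from its callback aborts the handshake with a bad_certificate_status_response alert, and a client that never calls `request_ocsp()` gets nothing stapled and its callback is never invoked.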
Change History (3)
comment:1 Changed 4 years ago by
comment:2 Changed 3 years ago by
| Cc: | Adi Roiban added |
|---|
The referred article concludes with
If we want a scalable solution to the revocation problem then it's probably going to come in the form of short-lived certificates or something like OCSP Must Staple.
OCSP Must Staple is essentially creating short-lived certificates.
I think that Adam Langley only takes into account TLS usage in web browsers over public networks.
I have created tickets for python cryptography ... as pyopenssl depends on them:
- https://github.com/pyca/cryptography/issues/1863
- https://github.com/pyca/cryptography/issues/1864
Maybe we will also need to implement this in pyopenssl once cryptography provides this.
comment:3 Changed 2 years ago by
| Cc: | jonathan@… added |
|---|

Given https://www.imperialviolet.org/2014/04/19/revchecking.html I find this rather low-priority.