I don't know much about TLS and HTTPS, so any corrections would be appreciated.
Why is security.OCSP.require option set to false by default? If I understand correctly, it means that when Firefox fails to reach the OCSP server, it will silently assume that the certificate it got hasn't been revoked. A man-in-the-middle attacker sitting close to the client can easily arrange for the OCSP server to be inaccessible. So with regard to MITM any rogue certificate becomes irrevocable. Obtaining a rogue certificate for existing website turns out to be surprisingly easy due to poor verification procedures of some CAs. Also, attackers can obtain valid certificates using vulnerabilities such as the recent MD5 collision and null prefix attacks. Being able to use a certificate for long after it was revoked substantially changes the economics of these attacks. _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
