On Fri, 18 Nov 2016 22:36:48 +0000 Wayne Thayer via Public <[email protected]> wrote:
> > > > * The CA takes care the all of the signed data is either static, > > defined by the CA, or of a known and expected form. > > Should we specifically ban nonces in OCSP responses? I think that would be a good idea. In addition, the OCSP responder must return an unsigned "unauthorized" response for unknown certificates (as permitted by RFC5019) rather than a signed "unknown" response. That's because the "unknown" response echoes back an attacker-controlled serial number which some implementations allow to be an arbitrary length. This seems like a simpler rule to follow and verify than saying the response must be of a "known and expected form." Regards, Andrew _______________________________________________ Public mailing list [email protected] https://cabforum.org/mailman/listinfo/public
