On 7/10/23 21:47, Sean Gallagher wrote:
> While I am always for security improvements, the utility of this is
> unclear. I will ABSTAIN from this poll.
> Presently, any system administrator who intends to issue must-staple
> certificates faces the dilemma of having to either
> a) Refrain from issuing must-staple certificates at all, resulting in
> the loss of a valuable security feature.
> b) Issue must-staple certificates without an OCSP response in Dovecot,
> thereby breaking the TLS RFC (and "hope for the best" on the client
> side...).
> or c) use must-staple on a host-by-host basis
I am not using must-staple ... but I have haproxy stapling OCSP for any
tcp/443 or udp/443 connection. I do not have any other endpoint (like
submission, smtp, imap, etc) doing stapling, but I would like that to be
possible.
For those who don't know about it ... OCSP stapling makes the TLS
handshake faster because the client does not need to make a separate
outgoing OCSP request (which may be quite slow) to verify that the
server certificate hasn't been revoked. The stapled OCSP response is
signed by the CA and has a very short lifetime, so forging a response is
difficult.
> Question) Do any popular email user agents validate an OCSP response if
> stapled? (gut feeling is MAYBE/NO)
> Question) Do any query an OCSP server if the OCSP response is not
> stapled? (gut feeling is NO)
Browsers definitely do validate OCSP and make a query if the OCSP
response isn't stapled. I have no idea whether that's done in the
browser or the TLS library. If it's in the TLS library (openssl being
the most prevalent example), then it is at least POSSIBLE for dovecot
and other server software to do it.
> Question) Has OCSP really got a future? (gut feeling - a few years at
> least)
OCSP is something I have been hearing about for quite a while. I think
it's probably going to stick around.
Thanks,
Shawn
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
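The thread above talks about three practical things: whether a given endpoint (443 behind haproxy, or IMAP/submission on Dovecot) actually sends a stapled OCSP response, whether a certificate carries the must-staple extension that makes a missing staple a hard failure, and how haproxy gets the DER response it staples. The script below is an added example written for this page; it is not code from the thread, from Dovecot or from haproxy. It uses only the openssl command line. Host names, ports and file paths are placeholders, and the `classify_ocsp_staple` parser keys on the strings `openssl s_client -status` prints ("OCSP response: no response sent", "OCSP Response Status:", "Cert Status: good/revoked"), so it needs adjusting if your OpenSSL build words those lines differently.

```shell
#!/bin/sh
# Added example, not from the dovecot thread or from the Dovecot/haproxy projects.
# Three helpers around OCSP stapling:
#   classify_ocsp_staple  - parse `openssl s_client -status` output (stdin)
#   probe_ocsp_staple     - run that probe against a live host/port
#   cert_requires_staple  - does a PEM cert carry RFC 7633 must-staple?
#   fetch_ocsp_staple     - fetch+verify a DER OCSP response for haproxy's
#                           <cert>.pem.ocsp sidecar file
# All host names, ports and paths are placeholders chosen for this example.

# Prints one of: none | stapled:good | stapled:revoked | stapled:other
# "stapled:other" covers a staple whose response status is not "successful"
# or whose cert status is neither good nor revoked (e.g. "unknown").
classify_ocsp_staple() {
  out=$(cat)
  case "$out" in
    *"OCSP response: no response sent"*) echo "none" ;;
    *"Cert Status: revoked"*)            echo "stapled:revoked" ;;
    *"Cert Status: good"*)               echo "stapled:good" ;;
    *"OCSP Response Status:"*)           echo "stapled:other" ;;
    *)                                   echo "none" ;;
  esac
}

# probe_ocsp_staple HOST PORT [STARTTLS-PROTO]
# Implicit TLS (443, 993, 465): omit the third argument.
# In-band STARTTLS (143, 110, 25, 587): pass imap, pop3 or smtp.
probe_ocsp_staple() {
  host=$1; port=$2; starttls=${3:-}
  if [ -n "$starttls" ]; then
    openssl s_client -connect "$host:$port" -servername "$host" \
      -starttls "$starttls" -status </dev/null 2>/dev/null | classify_ocsp_staple
  else
    openssl s_client -connect "$host:$port" -servername "$host" \
      -status </dev/null 2>/dev/null | classify_ocsp_staple
  fi
}

# cert_requires_staple CERT.pem -> yes | no
# OpenSSL renders the id-pe-tlsfeature extension as "TLS Feature:" followed
# by "status_request"; that token is what we grep for.
cert_requires_staple() {
  if openssl x509 -in "$1" -noout -text 2>/dev/null | grep -q status_request; then
    echo yes
  else
    echo no
  fi
}

# fetch_ocsp_staple CERT.pem ISSUER.pem OUT.ocsp
# Asks the responder named in the cert's AIA extension for a nonce-free
# response (stapled responses cannot carry a client nonce anyway), verifies
# it, and writes the DER to OUT. haproxy loads <certfile>.ocsp next to the
# cert at startup; it can also be refreshed at runtime via
# `set ssl ocsp-response <base64 DER>` on the stats socket.
# Returns non-zero (and removes OUT) if the response does not verify.
fetch_ocsp_staple() {
  cert=$1; issuer=$2; out=$3
  url=$(openssl x509 -in "$cert" -noout -ocsp_uri)
  if [ -z "$url" ]; then
    echo "no OCSP responder URI in $cert" >&2
    return 1
  fi
  if openssl ocsp -no_nonce -issuer "$issuer" -cert "$cert" -url "$url" \
       -respout "$out" >/dev/null 2>&1; then
    return 0
  fi
  rm -f "$out"
  echo "OCSP response for $cert did not verify" >&2
  return 1
}

# Usage when run directly, e.g.:
#   ./ocsp-check.sh probe mail.example.com 993
#   ./ocsp-check.sh probe mail.example.com 143 imap
#   ./ocsp-check.sh must-staple /etc/haproxy/certs/site.pem
#   ./ocsp-check.sh fetch site.pem issuer.pem site.pem.ocsp
case "${1:-}" in
  probe)       probe_ocsp_staple "$2" "$3" "${4:-}" ;;
  must-staple) cert_requires_staple "$2" ;;
  fetch)       fetch_ocsp_staple "$2" "$3" "$4" ;;
esac
```

Run the probe against each of your listeners (443 via haproxy, then 993/143/587 on Dovecot and the MTA) and you get a one-word answer per endpoint; a certificate for which `must-staple` prints `yes` but `probe` prints `none` is exactly the RFC-breaking combination described in option b) above.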