ISSUE-205 (OCSP Failure Risk): Add security consideration for OCSP failure

http://www.w3.org/2006/WSC/track/issues/

Raised by: Praveen Alavilli
On product: 

Propose the following subsection be added to section 9, as partial response to ISSUE-203

9.2 - Certificate Status Checking Failures

[ref 5.5.1] The TLS Errors section does not document intended behaviour for web user agents when a certificate status check fails for network or other non-revocation reasons.  At time of writing, the deployment environment for OCSP status checking is fragile and subject to frequent failures, so it is inappropriate to require user agents to treat such failures as warnings or errors.  However, this creates a possibility for attack: site operators using a fraudulently obtained, and revoked, certificate may attempt to attack a CA's revocation infrastructure as a way to suppress revocation errors.  User agent countermeasures for this vulnerability include: exposing failures of certificate validation checks to users as warning[ref] or danger[ref] level messages; or refusing to load sites that fail these checks.

Received on Wednesday, 14 May 2008 09:54:07 UTC
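
Added illustration, not part of the original message or of the WSC draft: a model of how a user agent's handling of non-revocation OCSP failures changes the outcome when a revoked certificate's status cannot be retrieved. The `Policy`, `Action` and `OcspResult` names, the blocking of a definite "revoked" answer, and the treatment of certStatus "unknown" as indeterminate are assumptions of this sketch; the responder error names are the OCSPResponseStatus values from RFC 6960.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional

class Policy(Enum):
    SOFT_FAIL = "soft-fail"   # ignore non-revocation failures silently
    WARN = "warn"             # surface them as a warning-level message
    HARD_FAIL = "hard-fail"   # refuse to load the site

class Action(Enum):
    LOAD = "load"
    LOAD_WITH_WARNING = "load-with-warning"
    BLOCK = "block"

# OCSPResponseStatus values (RFC 6960) other than "successful".
RESPONDER_ERRORS = {"malformedRequest", "internalError", "tryLater",
                    "sigRequired", "unauthorized"}

@dataclass
class OcspResult:
    """Outcome of one status check (hypothetical structure for this sketch)."""
    transport_error: Optional[str] = None   # e.g. "timeout", "dns"
    response_status: Optional[str] = None   # "successful" or a responder error
    cert_status: Optional[str] = None       # "good", "revoked", "unknown"

def classify(result):
    """Return 'good', 'revoked' or 'indeterminate' for a check outcome."""
    if result.transport_error or result.response_status in RESPONDER_ERRORS:
        return "indeterminate"
    if (result.response_status == "successful"
            and result.cert_status in ("good", "revoked")):
        return result.cert_status
    return "indeterminate"  # certStatus "unknown" or missing data (assumption)

def decide(result, policy):
    state = classify(result)
    if state == "revoked":
        return Action.BLOCK   # assumption: a definite revocation always blocks
    if state == "good":
        return Action.LOAD
    return {Policy.SOFT_FAIL: Action.LOAD, Policy.WARN: Action.LOAD_WITH_WARNING,
            Policy.HARD_FAIL: Action.BLOCK}[policy]

# Constructed scenario: the certificate is revoked in both cases; in the second
# the responder cannot be reached, so the revocation answer never arrives.
REACHABLE = OcspResult(response_status="successful", cert_status="revoked")
UNREACHABLE = OcspResult(transport_error="timeout")

def compare():
    # Map each policy to (action when reachable, action when unreachable).
    return {p.value: (decide(REACHABLE, p).value, decide(UNREACHABLE, p).value)
            for p in Policy}
```

Under the silent soft-fail policy the unreachable case loads the site exactly as a good certificate would, which is the gap the proposed subsection describes; the warn and hard-fail policies correspond to the two countermeasures it lists.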