Yeah, revocation is a hot mess, it's always been broken, and OCSP Stapling was our only hope -- but then most web servers (but not all! guess which one) dropped the ball. (Clients at least honored Must-Staple.)
Short certificate lifetimes is the ultimate way forward, and thankfully it's already available through Let's Encrypt, via the "shortlived" profile.
With a certificate that lives < ~7 days, there's virtually no need to revoke. Some clients/browsers will still move to revoke certificates within minutes or hours of their own choosing (see, that's the other frustrating thing, revocation is really just whatever you want), but I hope we'll only see that on internal PKIs, since doing that for public sites is essentially censorship.
I'm not seeing how there's no need to revoke. It means a compromised certificate is still considered valid for several days, in which a lot of damage can be done.
One thing the article doesn’t mention is that a lot of certs are revoked for purely admin reasons. CeasedOperations seems to be the case for Flair - nothing bad happened to the key, but the cert was revoked nevertheless.
This seems to be a common practice for some CAs or companies, but it’s not required AFAICT; and it contributes to the gigantic CRLsets that we have - most of those revocations wouldn’t actually be needed from a security pov.
Yeah, revocation is a hot mess, it's always been broken, and OCSP Stapling was our only hope -- but then most web servers (but not all! guess which one) dropped the ball. (Clients at least honored Must-Staple.)
Short certificate lifetimes is the ultimate way forward, and thankfully it's already available through Let's Encrypt, via the "shortlived" profile.
With a certificate that lives < ~7 days, there's virtually no need to revoke. Some clients/browsers will still move to revoke certificates within minutes or hours of their own choosing (see, that's the other frustrating thing, revocation is really just whatever you want), but I hope we'll only see that on internal PKIs, since doing that for public sites is essentially censorship.
> thankfully it's already available through Let's Encrypt, via the "shortlived" profile
Maybe if you're the developer of a major web server :), but the rest of us still have to wait for general availability [0] [1].
[0]: https://letsencrypt.org/docs/profiles/#shortlived
[1]: https://community.letsencrypt.org/t/shortlived-is-currently-...
I'm not seeing how there's no need to revoke. It means a compromised certificate is still considered valid for several days, in which a lot of damage can be done.
Propagating the revocation information often takes about as long.
One thing the article doesn’t mention is that a lot of certs are revoked for purely admin reasons. CeasedOperations seems to be the case for Flair - nothing bad happened to the key, but the cert was revoked nevertheless.
This seems to be a common practice for some CAs or companies, but it’s not required AFAICT; and it contributes to the gigantic CRLsets that we have - most of those revocations wouldn’t actually be needed from a security pov.