Issue with OCSP stapling when server certificate has been revoked by CA

Maxim Dounin mdounin at
Sun Apr 13 15:11:31 UTC 2014


On Sun, Apr 13, 2014 at 01:55:24PM +0300, shimi wrote:

> On Sun, Apr 13, 2014 at 1:39 PM, Maxim Dounin <mdounin at> wrote:
> Hello!
> >
> > As long as no good OCSP response is received, nginx will not
> > staple anything as it doesn't make sense (moreover, it may be
> > harmful, e.g. if the response isn't verified).
> >
> >
> >
> Hello!
> Thank you for your answer. So I understand this is a deliberate behavior by
> nginx and not a bug.
> Followup question, then, if I may:
> By "good", do you mean "positive"? i.e. "we have verified that the
> certificate is OK and valid"?

I mean "good" as specified here:

> I'm not sure I understand why is it good idea not to tell the client that
> the certificate is known and has been revoked... the purpose (as I
> understand OCSP stapling) is to verify the cert is OK. Wouldn't returning
> no-response to a client might cause it to think it may be an intermittent
> issue with accessing OCSP, and thus "soft-fail" and trust the (revoked)
> cert "for now" until a proper response can be obtained? And if that is the
> case, wouldn't passing the negative response from the OCSP server
> immediately tell the client that something is fishy? (i.e. someone is
> MITM'ing the innocent user with a cert using a stolen key that was revoked
> by the real owner? The recent heartbleed bug is an excellent example...).
> Sounds like a security issue to me, but again, I may be missing something?

An attacker can and will do the same.  And nginx behaviour does 
not limit an attacker in any way.

Maxim Dounin

More information about the nginx mailing list