
I had used OCSP stapling in AWS in the past, but due to changes on AWS they no longer allow this. This has resulted in having to open a firewall rule to allow outbound HTTP traffic for OCSP from client devices.

For us, opening port 80 is not allowed across a secure network that a device sits on, and some people have raised concern that sending data over HTTP in cleartext leaves it open to MITM manipulation en route to the OCSP server.

When I read the information about Online Certificate Status Protocol it talks of using HTTP but I cannot see where it specifically states it must be port 80.

Anyone got experience of using OCSP and not using port 80, or had any security concerns about opening such ports to this traffic?

Lismore
  • Related: Similar question for CRLs: https://security.stackexchange.com/questions/242953/crl-over-https-is-it-really-a-bad-practice – StackzOfZtuff Sep 01 '21 at 09:12

1 Answer


OCSP does not have to be on port 80. However, the URL for the OCSP service is specified in the certificates whose validity you are checking; if you want to run it on another port, you need to make sure that the certificates contain the proper port specification.

The reason why OCSP can be run on HTTP 80, rather than HTTPS, is that the OCSP responses are already signed by the OCSP server. The OCSP client will validate that the signature is authorized to sign OCSP responses for the CA that has issued the certificate it's checking; any MITM would make that validation fail - so adding an extra layer of encryption/authentication does not increase security, but does add complexity and increases possible failure modes.

As pointed out in a comment, running OCSP over HTTP does have the drawback that it's potentially possible for an attacker to intercept network traffic and see what certificates you are checking. However, they are still not able to change the contents of the response.

Jenny D
  • OCSP responses are signed, which ensures integrity and prevents MITM; however, it does not ensure privacy - anybody can see the number of the certificate you are checking. HTTPS can be used to ensure privacy, but it has to be defined in the certificate. (See https://tools.ietf.org/html/rfc6960#page-30) – Honza Jun 26 '18 at 14:14
  • @Honza That's a good point. I'll edit the answer to include that. – Jenny D Jun 26 '18 at 14:33
  • There is also a bootstrapping problem. If you use HTTPS to fetch the OCSP response, you have to check the certificate for the server that is providing the OCSP responses. This presumably involves checking its OCSP status ... – Martin Bonner supports Monica Nov 19 '18 at 11:08
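The two points in the answer above, as an added example that is not part of the original question or answer: a client learns the responder URL (including any non-default port) from the certificate's Authority Information Access extension, and it accepts the status in a response only after checking the signature against the responder it trusts for that CA, so an on-path attacker on plain HTTP can read the request but cannot alter the answer. The example uses the `cryptography` library (assumed installed), a throwaway CA generated in memory, and a hypothetical responder URL `http://ocsp.example.test:8080/`, so it runs offline with no network access.

```python
"""Added example: OCSP endpoint discovery from AIA, and response signature checking."""
import datetime
from urllib.parse import urlsplit

from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.x509 import ocsp
from cryptography.x509.oid import AuthorityInformationAccessOID, NameOID

# Hypothetical responder URL on a non-default port (constructed for this example).
OCSP_URL = "http://ocsp.example.test:8080/"
_NOW = datetime.datetime.now(datetime.timezone.utc)


def _name(cn):
    return x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])


def _self_signed(key, cn):
    """Self-signed CA-style certificate for `key` (used for the test CA and for a forger)."""
    return (
        x509.CertificateBuilder()
        .subject_name(_name(cn)).issuer_name(_name(cn))
        .public_key(key.public_key()).serial_number(x509.random_serial_number())
        .not_valid_before(_NOW - datetime.timedelta(days=1))
        .not_valid_after(_NOW + datetime.timedelta(days=365))
        .add_extension(x509.BasicConstraints(ca=True, path_length=None), critical=True)
        .sign(key, hashes.SHA256())
    )


def build_pki():
    """Throwaway CA plus a leaf certificate whose AIA extension names OCSP_URL."""
    ca_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    ca_cert = _self_signed(ca_key, "Example Test CA")
    leaf_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    leaf_cert = (
        x509.CertificateBuilder()
        .subject_name(_name("device.example.test")).issuer_name(ca_cert.subject)
        .public_key(leaf_key.public_key()).serial_number(x509.random_serial_number())
        .not_valid_before(_NOW - datetime.timedelta(days=1))
        .not_valid_after(_NOW + datetime.timedelta(days=90))
        .add_extension(x509.AuthorityInformationAccess([
            x509.AccessDescription(AuthorityInformationAccessOID.OCSP,
                                   x509.UniformResourceIdentifier(OCSP_URL))
        ]), critical=False)
        .sign(ca_key, hashes.SHA256())
    )
    return ca_key, ca_cert, leaf_cert


def ocsp_endpoints(cert):
    """(url, port) for each OCSP responder in the cert's AIA extension.
    The port is whatever the URL carries; only a URL without one defaults to 80/443."""
    aia = cert.extensions.get_extension_for_class(x509.AuthorityInformationAccess).value
    out = []
    for desc in aia:
        if desc.access_method == AuthorityInformationAccessOID.OCSP:
            url = desc.access_location.value
            parts = urlsplit(url)
            out.append((url, parts.port or (443 if parts.scheme == "https" else 80)))
    return out


def sign_response(signing_key, signer_cert, leaf_cert, issuer_cert, status):
    """DER-encoded OCSP response for leaf_cert, signed by signing_key/signer_cert."""
    builder = ocsp.OCSPResponseBuilder().add_response(
        cert=leaf_cert, issuer=issuer_cert, algorithm=hashes.SHA1(),
        cert_status=status, this_update=_NOW, next_update=_NOW + datetime.timedelta(hours=1),
        revocation_time=None, revocation_reason=None,
    ).responder_id(ocsp.OCSPResponderEncoding.NAME, signer_cert)
    return builder.sign(signing_key, hashes.SHA256()).public_bytes(serialization.Encoding.DER)


def verify_response(der, trusted_signer_cert):
    """Client side: return the status name only if the signature verifies against the
    responder trusted for this CA; any tampered or forged response yields None."""
    resp = ocsp.load_der_ocsp_response(der)
    if resp.response_status != ocsp.OCSPResponseStatus.SUCCESSFUL:
        return None
    try:
        trusted_signer_cert.public_key().verify(
            resp.signature, resp.tbs_response_bytes,
            padding.PKCS1v15(), resp.signature_hash_algorithm)
    except InvalidSignature:
        return None
    return resp.certificate_status.name


def demo():
    """Genuine response is accepted; an on-path forgery with another key is not."""
    ca_key, ca_cert, leaf_cert = build_pki()
    genuine = sign_response(ca_key, ca_cert, leaf_cert, ca_cert, ocsp.OCSPCertStatus.GOOD)
    # Forger: same CA name in the responder ID, but a key the client has never trusted.
    forger_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    forger_cert = _self_signed(forger_key, "Example Test CA")
    forged = sign_response(forger_key, forger_cert, leaf_cert, ca_cert, ocsp.OCSPCertStatus.GOOD)
    return {"endpoints": ocsp_endpoints(leaf_cert),
            "genuine": verify_response(genuine, ca_cert),
            "forged": verify_response(forged, ca_cert)}


if __name__ == "__main__":
    print(demo())
```

The check in `verify_response` is deliberately the minimum that makes the answer's point (signature by a key the client already trusts for this CA). A production client also checks `this_update`/`next_update`, that the CertID in the response matches the request, and, when the responder is a delegated one, that its certificate chains to the CA with the OCSP signing EKU. None of that needs transport encryption, which is why plain HTTP on whatever port the AIA URL names is the common deployment, with HTTPS only buying privacy of which serial numbers are being queried.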