[caops-wg] OCSP section 4

Cowles, Robert D. rdc at slac.stanford.edu
Tue Jun 21 23:17:19 CDT 2005
> > Clients are off the net all the time, for a large number of reasons.
> > The relying party decisions are often time critical -- need to be made
> > now, not 2 hrs from now when the router is fixed and the remote OCSP
> > responder is visible again.
> 
> If a client is off the net, it is not going to be easy to validate a
> certificate on-line because only if the certificate is on the
> local CRL/OCSP cache the client will be sure of its status.
> Hopefully, most certificates being used should be valid.
> Therefore, they won't be present in the local CRL.

Sorry to be responding to this a week later but I have to point
out that attacks are not random events, they are often coordinated.
That means, unless you KNOW an OCSP responder is down because of a 
hardware problem or something similar, then it could well be 
"not responding" PRECISELY because you, the relying party, are
about to be asked to verify a newly compromised certificate. The
point I'm trying to make is that from a security perspective it
is foolish to assume the events "OCSP responder is inaccessible"
and "asked to validate a compromised certificate" are independent
events ... as soon as we assume that, we create a vulnerability
that can be exploited.

Bob Cowles
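The relying-party choice Bob describes, written out as an added example (not code from the original message or from any IGTF/caops-wg software): a status decision that uses a live OCSP answer when the responder is reachable, falls back to a still-valid cached signed response when it is not, and otherwise either fails closed or fails open. The `OcspResponse` type, the `fetch` callable and the cached serials are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Callable, Dict, Optional

@dataclass
class OcspResponse:
    """Status taken from a signed OCSP response plus the responder's validity window."""
    serial: str
    status: str            # "good" or "revoked"
    this_update: datetime
    next_update: datetime

    def is_fresh(self, now: datetime) -> bool:
        return self.this_update <= now < self.next_update

def decide(serial: str, cache: Dict[str, OcspResponse],
           fetch: Callable[[str], Optional[OcspResponse]],
           now: datetime, fail_closed: bool = True) -> str:
    """Relying-party decision for one certificate: returns "accept" or "reject".

    fetch() returns None when the responder cannot be reached; that is the
    case the thread is about, and fail_closed decides what happens then.
    """
    live = fetch(serial)
    if live is not None:
        cache[serial] = live                        # refresh the local cache
        return "accept" if live.status == "good" else "reject"
    cached = cache.get(serial)
    if cached is not None and cached.is_fresh(now):
        # A signed answer inside its validity window is still usable offline.
        return "accept" if cached.status == "good" else "reject"
    # No live answer and nothing fresh in the cache: status is UNKNOWN.
    # Fail-open turns "unknown" into "good", which is exactly the assumption
    # that "responder down" and "certificate compromised" are independent.
    return "reject" if fail_closed else "accept"

def responder_down(serial: str) -> Optional[OcspResponse]:
    """Constructed fetch: models the responder being unreachable for every query."""
    return None

def demo() -> Dict[str, str]:
    """Constructed scenario: responder unreachable, two serials cached earlier."""
    now = datetime(2005, 6, 21, 23, 0, tzinfo=timezone.utc)
    hour = timedelta(hours=1)
    cache = {
        "0x1001": OcspResponse("0x1001", "good", now - hour, now + hour),      # fresh
        "0x1002": OcspResponse("0x1002", "good", now - 3 * hour, now - hour),  # stale
    }
    return {
        "fresh_cached_good": decide("0x1001", cache, responder_down, now),
        "stale_cached_good": decide("0x1002", cache, responder_down, now),
        "unknown_fail_closed": decide("0x1003", cache, responder_down, now),
        "unknown_fail_open": decide("0x1003", cache, responder_down, now, fail_closed=False),
    }
```

The last entry of `demo()` is the outcome the message warns about: an uncached certificate accepted solely because the responder could not be reached.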
