1. 2
  1. 3

    One of the biggest problems with existing revocation mechanisms is their soft-fail nature. If the client can’t do the check, it gives up and accepts the certificate as valid.

    That’s a pretty bold assumption. If you want to use CRL for security, then you better disable soft fail.

    This is what we do at $job for ALL our applications. The main downside is that you’re basically down when the CRL is not answering, or you have issues reaching the CRL (or OCSP for that matter). If you really care about uptime, you can cache the CRL, but that has limited value since you’ll have some delay to get new revocations.

    Ultimately, the best way to fight this is short-lived certificates, as you don’t need any CRL since the validity date will act as one. Although it’s also a compromise, since you have some attack surface time between expiration and revocation.

    1. 1

      All an attacker would need to do is block my DNS requests or the HTTP requests themselves, and if they’re in control of my network in some way then I’m screwed.

      IMO this significantly raises the bar for malicious entities from simply receiving a certificate to both receiving a cert and gaining control over their target’s network.

      1. 1

        You already needed network control to send the traffic to servers you control, didn’t you?

        1. 1

          Maybe this isn’t the most common use case for CRLs, but I was thinking of someone using a stolen cert or server for phishing/spoofing, where the traffic originates from victims’ browsers.

          1. 1

            Okay, I steal a cert for www.google.com and set up a phishing page.

            Victim types in www.google.com and traffic is routed to Google’s servers.

            I trick them into opening my phishing page, but the cert is for the real domain so the browser rejects it.

            1. 2

              Yeah, you’re right; they’d need to take over DNS or compromise a server somehow.

      2. 1

        It’s only “pointless” if you’re only focusing on an attacker who can block your traffic. There are still lots of cases where attackers can’t block your traffic, though.

        So perhaps a better title would be “you can’t rely on revocation checks alone,” which, honestly, nobody does. It’s just one of the many layers of security we have.

        Perhaps the key is that revocation checks still help the public at large, but not so much organizations who are concerned about targeted attacks. Or individuals living under a repressive regime that controls all traffic.
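The soft-fail versus hard-fail distinction from the first comment, and the stale-cache caveat it raises, as an added example that is not part of this thread: a throwaway CA, leaf certificate and CRL are built with the OpenSSL CLI (assumed to be on PATH, 1.1.1 or 3.x), then the leaf is verified without and with `-crl_check`, first with no CRL available, then with a CRL that has not caught up with a revocation, then with a fresh one.

```shell
# Added demo, not from the thread. Assumes the `openssl` CLI (1.1.1 or 3.x) on PATH;
# every key, cert and CRL below is constructed throwaway material in a temp dir.
set -eu
WORK=$(mktemp -d); cd "$WORK"
# Constructed CA plus one leaf certificate it signs.
openssl req -x509 -newkey rsa:2048 -nodes -subj /CN=DemoCA -days 2 \
    -keyout ca.key -out ca.crt >/dev/null 2>&1
openssl req -newkey rsa:2048 -nodes -subj /CN=leaf.example \
    -keyout leaf.key -out leaf.csr >/dev/null 2>&1
openssl x509 -req -in leaf.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
    -days 1 -out leaf.crt >/dev/null 2>&1
# Minimal CA database so `openssl ca` can revoke the leaf and issue CRLs.
cat > ca.cnf <<'EOF'
[ ca ]
default_ca = demo
[ demo ]
database = index.txt
crlnumber = crlnumber
default_md = sha256
default_crl_days = 1
EOF
: > index.txt; echo 01 > crlnumber
ca_cmd() { openssl ca -config ca.cnf -keyfile ca.key -cert ca.crt "$@" >/dev/null 2>&1; }
# verify_leaf MODE CRLFILE -> prints accept|reject. soft: no CRL check at all (what a
#   soft-failing client effectively does when the fetch fails); hard: -crl_check, so
#   "no CRL available" is itself a verification failure, not a reason to give up.
verify_leaf() {
    trust=ca.crt
    if [ -s "$2" ]; then cat ca.crt "$2" > bundle.pem; trust=bundle.pem; fi
    flag=""; if [ "$1" = hard ]; then flag=-crl_check; fi
    if openssl verify $flag -CAfile "$trust" leaf.crt >/dev/null 2>&1; then
        echo accept
    else
        echo reject
    fi
}
: > crl.pem                                # CRL "unreachable": nothing on hand
R_SOFT_NOCRL=$(verify_leaf soft crl.pem)   # accept: the missing CRL is silently ignored
R_HARD_NOCRL=$(verify_leaf hard crl.pem)   # reject: "unable to get certificate CRL"
ca_cmd -gencrl -out crl.pem                # fresh CRL, nothing revoked yet
R_HARD_CRL=$(verify_leaf hard crl.pem)     # accept
ca_cmd -revoke leaf.crt                    # the CA revokes the leaf ...
R_HARD_STALE=$(verify_leaf hard crl.pem)   # accept: the cached CRL has not caught up
ca_cmd -gencrl -out crl.pem                # re-fetch the CRL
R_HARD_FRESH=$(verify_leaf hard crl.pem)   # reject: certificate revoked
echo "soft/no-crl=$R_SOFT_NOCRL hard/no-crl=$R_HARD_NOCRL hard/crl=$R_HARD_CRL hard/stale=$R_HARD_STALE hard/fresh=$R_HARD_FRESH"
```

The stale-cache line is the delay the comment warns about: caching keeps you up while the CRL is unreachable, but the cached copy accepts the leaf until the next fetch.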