[cryptography] Chrome to drop CRL checking

ianG iang at iang.org
Tue Feb 7 07:36:32 EST 2012


On 7/02/12 20:56 PM, Marcus Brinkmann wrote:
> Hi,
>
> On 02/07/2012 03:52 AM, Steven Bellovin wrote:
>> http://arstechnica.com/business/guides/2012/02/google-strips-chrome-of-ssl-revocation-checking.ars
>>
>
> While I am no fan of CRLs, I think it's worth mentioning that Google's
> primary objective here does not at all seem to be the security of
> anything except their position in the race for the fastest browser:


The first thing to ask is whether CRLs/OCSPs have benefit security *at all*.

Google's suggestion is no.  I would agree.  Theory predicts that the 
combined weight of problems, well researched and experimentally measured 
by now, will lead to revocation being more or less ineffective.

(We've known this prediction since forever, 1998 is when I first heard it.)

We now have a few solid data points where all vendors decided not to 
rely on CAs revocation and instead issued new software.  So all vendors 
agree.

So, if this is the case - revocation delivers no benefit - then rip the 
bloody stuff out and make the browser faster and more reliable:

> "online revocation checks are slow and compromise privacy. The median
> time for a successful OCSP check is ~300ms and the mean is nearly a
> second. This delays page loading and discourages sites from using HTTPS"
>
> This is a very backward way to say that a 300ms faster response time
> encourages people to use Chrome over competing browsers.


If it works for Chrome, all will follow suit.  Apple, Microsoft and 
Mozilla are followers in the SSL/PKI game.

> The security argument itself seems very weak. There is no evidence yet
> that the alternative strategy that Google proposes, namely letting them
> control the CRL list (and thus another part of the internet
> infrastructure), is any safer for the user in the long run.

I (personally) trust google to control and distro the CRL list into the 
browser more than I trust the current revocation system.  They've got 
the incentives because they are the relying party.  They've got the 
smarts to write the software, *and* to think about the whole issue.  And 
the experience of recent events.  They've also got track record in 
privacy issues.

To me it's a no-brainer.  Who else comes close?  Who else even steps up 
to measure?


> Certainly the privacy concern that Google expresses "because the CA
> learns the IP address of users and which sites they're visiting" does
> not extend to Google itself, which already has much more detailed
> information about its users.
>
> With a dubious motive and no clear advantage over the existing
> infrastructure, I'm underwhelmed.


iang



More information about the cryptography mailing list