[openssl-dev] OpenSSL 1.1.0 and OCSP stapling with status_request_v2 (RFC 6961)

Jouni Malinen j at w1.fi
Wed Feb 17 09:35:35 UTC 2016

It looks like there are some upcoming use cases that would need to be
able to use OCSP stapling to verify both the server certificate and the
intermediate CA certificate that issued that server certificate. This
would require support for RFC 6961 extensions to OCSP stapling. Since
the actual OCSP stapling processing is currently done outside the
OpenSSL library, the changes to allow this to be used on the TLS client
side would be pretty minimal for the library.

The current API does not allow this to be done since the
SSL_set_tlsext_status_type() function allows only one value
(TLSEXT_STATUSTYPE_ocsp = 1) to be used. It would be nice if OpenSSL
1.1.0 would make it possible to use the ocsp_multi(2) value in
status_request_v2(17) ClientHello extension. Other than the different
extension type and status type values (and listing both ocsp and
ocsp_multi types), the contents on that extension is identical to the
existing status_request case.

Since the OCSP stapling response is processed outside the library
handshake processing, a minimal support for this within OpenSSL would
not need other changes there than just accepting ocsp_multi(2) in
addition to the current TLSEXT_STATUSTYPE_ocsp(1). More could obviously
be added later to help parsing in applications, but that is not critical
for OpenSSL 1.1.0 to enable this functionality.

Would there be interest in getting at least the minimal changes in place
before the beta release so that OpenSSL 1.1.0 could be used to implement
ocsp_multi support for TLS client?

As far as the TLS messages are concerned, these are the changes needed
for the use cases I'm thinking of:

Building ClientHello:

Add status_request_v2 extension with minimal contents:
00 11 00 07 00 05 02 00 00 00 00

This is very similar to status_request extension that can currently be
00 05 00 05 01 00 00 00 00

Parsing ServerHello:
Accept status_request_v2 extension

Parsing CertificateStatus:
Accept certificate status type ocsp_multi(2)

Jouni Malinen                                            PGP id EFC895FA

More information about the openssl-dev mailing list