full-chain ocsp stapling

Matt Caswell matt at openssl.org
Fri Oct 11 09:29:03 UTC 2019

On 11/10/2019 10:10, Jeremy Harris wrote:
> On 11/10/2019 09:57, Matt Caswell wrote:
>> OpenSSL does not currently support that. You can only place a status response
>> after the first certificate.
>> Matt
> That's why I asked:
>>> Are both layouts of the TLS1.3 Certificates record valid?

RFC8446 is not really very clear in this regards. All it says is:

   "In TLS 1.3, the server's OCSP information
   is carried in an extension in the CertificateEntry containing the
   associated certificate.  Specifically, the body of the
   "status_request" extension from the server MUST be a
   CertificateStatus structure as defined in [RFC6066], which is
   interpreted as defined in [RFC6960]."

Putting everything in a single CertificateEntry gives you equivalence with what
can be achieved in TLSv1.2 and is allowed by the syntax of a CertificateStatus
structure. So I *think* this is ok.

It is not described how one should interpret a single CertificateStatus covering
the whole chain, vs individual CertificateStatus entries, one for each Certificate.


More information about the openssl-users mailing list