[cabfpub] Pre-Ballot - Short-Life Certificates

Sigbjørn Vik sigbjorn at opera.com
Mon Nov 24 15:59:17 UTC 2014

On 24-Nov-14 16:04, Ben Laurie wrote:
>     Sure, the log could send me a week-old response today, and I couldn't
>     prove to anyone that it sent me stale data. Old data doesn't enable
>     anything though (it is just useless), so isn't a security risk. Even if
>     the latency is a week (rfc 1149), we still cannot blame the signer for
>     any problems encountered in-flight.
> Once more I am lost. Old data is useful if your clock is wrong.

The client does not use the absolute timestamps from the server in any
way, so them being old or current does not matter for the client.

The client knows how long ago one of the hashes from the log was issued.
Either by having data from a previous run, or from a call home. Based on
this, it will see when the rest of the hashes were issued.

Example log from the server:
ABCD1234 was issued at 2048-01-01 12:00
BCDE2345 was issued at 2048-01-02 12:00

The client additionally knows that ABCD1234 was issued 300 days ago. It
thus also knows that BCDE2345 was issued 299 days ago. What year it is
now, whether the server is serving stale data, or if the client clock is
correct don't matter.

If the server is lying, the client can prove this.

Sigbjørn Vik
Opera Software

More information about the Public mailing list