Let's Encrypt, the world's largest certificate authority, announces that it will discontinue support for the Online Certificate Status Protocol (OCSP).



Certificate authority (CA) Let's Encrypt has announced that it will end support for the Online Certificate Status Protocol (OCSP), a communications protocol for obtaining the revocation status of public key certificates.

Intent to End OCSP Service - Let's Encrypt
https://letsencrypt.org/2024/07/23/replacing-ocsp-with-crls.html

'We are announcing today our intention to end support for OCSP and deploy Certificate Revocation Lists (CRLs) as soon as possible,' Josh Aas, executive director and co-founder of Let's Encrypt, said in a statement on July 23, 2024.

Let's Encrypt has been providing OCSP responders for about 10 years at the time of writing, and has also supported CRLs since 2022. Aas explains that the main reason for discontinuing OCSP support is that OCSP poses a significant risk to privacy on the Internet.



When a user accesses the Internet with a browser or other software that checks certificate status via OCSP, the CA operating the OCSP responder can learn the visitor's IP address and which site the visitor is accessing.

Let's Encrypt tries not to knowingly retain such data, but cannot rule out being forced to collect and hand over the data under a legal order, whereas CRLs do not have this issue.

Although not directly related to Aas's concerns, OCSP has drawn criticism on other fronts: in macOS Big Sur, released in 2020, OCSP checks were sent in plaintext, raising privacy concerns, and delays in those OCSP checks slowed Macs down, which became a major topic of discussion.

Apple addresses the issue of 'Apple collecting information about running apps causing Macs to slow down,' explaining what was actually happening - GIGAZINE



Aas also explained that since its founding, Let's Encrypt has devoted significant resources to providing and operating OCSP services, but now that CRLs are available and OCSP is no longer mandatory, this step was necessary to keep the CA's infrastructure as simple and efficient as possible.

'We encourage anyone who currently relies on OCSP services to begin the process of removing that dependency as soon as possible. In addition, if you use Let's Encrypt certificates to secure non-browser communications, such as VPNs, you should verify that your software works correctly even if the certificate does not contain the OCSP URL. Fortunately, most OCSP implementations are "fail open", meaning they continue communicating even if a problem occurs, so not being able to get an OCSP response will not cause your system to fail,' Aas said.
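The CRL-only revocation check that Aas asks operators to prepare for, as an added Go example (not Let's Encrypt code): a fixture issuer, a CRL it signs, and a verifier that checks the CRL signature before consulting it, so a bad CRL is an error rather than a "fail open" pass. The CA name, serial numbers and keys are constructed test fixtures, and a leaf built with `sign` carries only a CRL distribution point, with no OCSP URL.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// sign makes a constructed in-memory fixture: a fresh P-256 key and a one-day certificate for tmpl,
// signed by parentKey, or self-signed when parent is nil. A leaf template would list CRLDistributionPoints only.
func sign(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // fails only if the system RNG is unavailable
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issueCRL signs a CRL listing the given entries as revoked (RevokedCertificates builds on Go 1.19 and later).
func issueCRL(ca *x509.Certificate, caKey *ecdsa.PrivateKey, revoked []pkix.RevokedCertificate) ([]byte, error) {
	return x509.CreateRevocationList(rand.Reader, &x509.RevocationList{Number: big.NewInt(1),
		ThisUpdate: time.Now(), NextUpdate: time.Now().Add(time.Hour), RevokedCertificates: revoked}, ca, caKey)
}

// statusFromCRL verifies the CRL signature against the issuer before trusting it, then looks the leaf serial up locally, so no per-site query reaches the CA; unlike "fail open" OCSP, a CRL that fails verification is an error.
func statusFromCRL(leaf, issuer *x509.Certificate, crlDER []byte) (bool, error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err == nil {
		err = crl.CheckSignatureFrom(issuer)
	}
	if err != nil {
		return false, err
	}
	for _, e := range crl.RevokedCertificates {
		if e.SerialNumber.Cmp(leaf.SerialNumber) == 0 {
			return true, nil
		}
	}
	return false, nil
}
```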

OCSP was originally developed to address the shortcomings of CRLs, so this change has both advantages and disadvantages. Andrew Ayer, founder of the automated SSL certificate service SSLMate, wrote in a post on the social news site Hacker News that CRLs only list revoked certificates rather than the status of every certificate, so they cannot detect omissions by CAs. He said, 'In addition to making it unnecessary to include OCSP URLs in certificates, I would have liked to have all issuers' OCSP URLs published in the Common CA Database (CCADB). This would have solved the privacy issue, reduced the operating costs of OCSP responders, and maintained transparency regarding the status of certificates.'

In response, Aas replied on Hacker News, 'Requiring CAs to perform OCSP makes them complicated and expensive to operate. There are significant downsides to this, and the cost that Let's Encrypt spends on OCSP is simply a cost that cannot be invested in other aspects of the CA's business. It's impossible to see what has been neglected in lieu of continuing with OCSP, but it is a significant burden and I don't think it's worth it.'

in Web Service, Posted by log1l_ks