Lightweight OCSP Profile for High Volume Environments

When I joined Microsoft in 2001 I had a list of things I wanted to accomplish, one of which was enabling certificate revocation checking in Internet Explorer by default.

There are a lot of reasons why this has not been the case historically (in any browser); one of the most significant is the practical issue created by the market success of a single certificate issuer: VeriSign today is responsible for at least 64% of all certificates issued for server authentication on the Internet (both Thawte and GeoTrust are now owned by VeriSign).

Specifically, what this means is that if browsers did revocation checking, VeriSign would be put in the middle of the initial connection to 64% of the Internet sites that use TLS.

That's a lot of traffic, especially when you consider that most certificate chains these days are four levels deep, which means three revocation checks take place (the root is the trust anchor and is not checked). Combine that with the fact that the CRLs for the lower portion of such a chain are in many cases as much as 800KB in size. Most of the world doesn't have broadband, and a 56k connection is optimistic in many places; at that speed it takes nearly two minutes to download just one of the CRLs needed to confirm that the server certificate is not revoked.

Support for OCSP at the lower layers of a certificate chain greatly mitigates this problem, since an OCSP response can be smaller than 1KB; there are, however, practical scalability issues with doing OCSP for 64% of the Internet.

With that in mind, Alex Deacon of VeriSign and I got together and proposed a profile of OCSP that can be used in these environments; we called it the Lightweight OCSP Profile for High Volume Environments.
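The profile referred to here was later published as RFC 5019. What makes it cache-friendly is the shape of the request: a fixed SHA-1 CertID, no nonce, and an HTTP GET whose URL is the url-encoded base64 of the DER request appended to the responder URL, so every client asking about the same certificate sends the identical URL and any HTTP cache can answer from a precomputed response. The following is an added illustration, not code from this post, from VeriSign, or from Windows: a standard-library Python script that builds that GET form (falling back to POST when the URL would exceed the profile's 255-byte limit) and decodes it again. The responder URL, the issuer Name, the issuer key bits and the serial number are constructed sample values, not a real CA's.

```python
"""Build and decode the GET form of an OCSP request per the Lightweight OCSP
Profile (RFC 5019), using only the Python standard library."""
import base64
import hashlib
import urllib.parse

SHA1_OID_DER = b"\x06\x05\x2b\x0e\x03\x02\x1a"   # OBJECT IDENTIFIER 1.3.14.3.2.26 (sha1)
DER_NULL = b"\x05\x00"
MAX_GET_URL_LEN = 255                            # RFC 5019 s.5: longer than this, use POST


def der_len(n: int) -> bytes:
    """DER length octets: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + der_len(len(body)) + body


def der_sequence(*parts: bytes) -> bytes:
    return der_tlv(0x30, b"".join(parts))


def der_octet_string(data: bytes) -> bytes:
    return der_tlv(0x04, data)


def der_integer(n: int) -> bytes:
    """DER INTEGER for a non-negative value: minimal length, sign bit kept clear."""
    if n < 0:
        raise ValueError("certificate serial numbers are non-negative")
    return der_tlv(0x02, n.to_bytes(n.bit_length() // 8 + 1, "big"))


def build_lightweight_ocsp_request(responder_url: str, issuer_name_der: bytes,
                                   issuer_key_bits: bytes, serial: int) -> dict:
    """Return {"method", "url", "body"} for the profile's preferred GET form.

    issuer_name_der - DER of the issuer Name as it appears in the certificate
    issuer_key_bits - the issuer subjectPublicKey BIT STRING contents (no tag,
                      length or unused-bits byte), as CertID in RFC 2560 requires
    serial          - serial number of the certificate being checked
    """
    cert_id = der_sequence(
        der_sequence(SHA1_OID_DER, DER_NULL),                       # hashAlgorithm: sha1
        der_octet_string(hashlib.sha1(issuer_name_der).digest()),   # issuerNameHash
        der_octet_string(hashlib.sha1(issuer_key_bits).digest()),   # issuerKeyHash
        der_integer(serial),                                        # serialNumber
    )
    request = der_sequence(cert_id)                  # Request without singleRequestExtensions
    # TBSRequest: version v1 is the DEFAULT and so omitted in DER; no requestorName
    # and, crucially for cacheability, no nonce extension.
    tbs_request = der_sequence(der_sequence(request))   # requestList is SEQUENCE OF Request
    ocsp_request = der_sequence(tbs_request)            # optionalSignature omitted

    # GET form: url-encode(base64(DER)) appended to the responder URL as one path segment.
    encoded = urllib.parse.quote(base64.b64encode(ocsp_request).decode("ascii"), safe="")
    url = responder_url.rstrip("/") + "/" + encoded
    if len(url) <= MAX_GET_URL_LEN:
        return {"method": "GET", "url": url, "body": None}
    # Oversized URLs fall back to a POST carrying the raw DER request.
    return {"method": "POST", "url": responder_url, "body": ocsp_request}


def read_tlv(buf: bytes, pos: int = 0):
    """Read one DER TLV starting at pos; return (tag, body, position after it)."""
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    length = first
    if first & 0x80:
        count = first & 0x7F
        length = int.from_bytes(buf[pos:pos + count], "big")
        pos += count
    return tag, buf[pos:pos + length], pos + length


def decode_lightweight_ocsp_get(url: str) -> dict:
    """Recover the CertID fields from a GET-form URL (what a responder or cache keys on)."""
    der = base64.b64decode(urllib.parse.unquote(url.rsplit("/", 1)[1]))
    _, tbs_tlv, _ = read_tlv(der)             # OCSPRequest  -> TBSRequest TLV
    _, req_list_tlv, _ = read_tlv(tbs_tlv)    # TBSRequest   -> requestList TLV
    _, req_tlv, _ = read_tlv(req_list_tlv)    # requestList  -> first Request TLV
    _, cert_id_tlv, _ = read_tlv(req_tlv)     # Request      -> CertID TLV
    _, cert_id, _ = read_tlv(cert_id_tlv)     # CertID contents
    _, _alg, pos = read_tlv(cert_id)
    _, name_hash, pos = read_tlv(cert_id, pos)
    _, key_hash, pos = read_tlv(cert_id, pos)
    _, serial_bytes, _ = read_tlv(cert_id, pos)
    return {"issuer_name_hash": name_hash, "issuer_key_hash": key_hash,
            "serial": int.from_bytes(serial_bytes, "big")}


# Constructed sample input (not a real CA): a DER Name for CN=Example, a stand-in
# for the issuer's public key bits, a made-up serial and a hypothetical responder.
SAMPLE_ISSUER_NAME_DER = bytes.fromhex("301231103 00e06035504030c074578616d706c65".replace(" ", ""))
SAMPLE_ISSUER_KEY_BITS = bytes(range(64))
SAMPLE_SERIAL = 0x0A1B2C3D4E5F6071
SAMPLE_RESPONDER = "http://ocsp.example.test"

if __name__ == "__main__":
    req = build_lightweight_ocsp_request(SAMPLE_RESPONDER, SAMPLE_ISSUER_NAME_DER,
                                         SAMPLE_ISSUER_KEY_BITS, SAMPLE_SERIAL)
    print(req["method"], req["url"])
    print(decode_lightweight_ocsp_get(req["url"]))
```

Because nothing in the URL varies between clients, a responder can pre-sign one response per certificate with a nextUpdate and let HTTP caches (or a CDN) absorb the volume; a request that carried a nonce would defeat exactly that.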

We worked with a number of vendors, like Tumbleweed, CoreStreet and Alacris (recently acquired by Microsoft), to make sure that the profile made sense and was backwards compatible with existing products (where possible).

Well, that profile is now in the IETF IESG review phase, and while I was in the Windows Security team we implemented OCSP and this profile for both VISTA and Longhorn.

In addition, we updated the Windows TLS implementation to support much of RFC 3546, which specifies a number of extensions to TLS, including how a server can pass an OCSP response from its issuer to a client as part of the TLS handshake (the status_request extension, commonly called OCSP stapling).
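To make the exchange concrete, here is an added example (not code from this post or from Windows) that lays out the two RFC 3546 messages involved in pure Python with no network: the status_request extension a client puts in its ClientHello, and the CertificateStatus handshake message in which the server hands back the stapled OCSP response. The OCSP response bytes are a constructed placeholder (a bare OCSPResponse whose responseStatus is tryLater), not a real signed response; a real client would still have to verify the signature and validity window of what the server staples.

```python
"""Encode and parse the RFC 3546 status_request extension and the
CertificateStatus handshake message used for OCSP stapling."""
import struct

EXT_STATUS_REQUEST = 5        # ExtensionType status_request (RFC 3546 s.2.3)
STATUS_TYPE_OCSP = 1          # CertificateStatusType ocsp
HS_CERTIFICATE_STATUS = 22    # HandshakeType certificate_status (RFC 3546 s.3.6)


def encode_status_request_extension(responder_ids=(), request_exts: bytes = b"") -> bytes:
    """ClientHello extension: type(2) length(2) then status_type(1),
    responder_id_list<2-byte length> and request_extensions<2-byte length>.
    Browsers send both lists empty, meaning 'any responder, no extensions'."""
    id_list = b"".join(struct.pack("!H", len(r)) + r for r in responder_ids)
    body = (bytes([STATUS_TYPE_OCSP])
            + struct.pack("!H", len(id_list)) + id_list
            + struct.pack("!H", len(request_exts)) + request_exts)
    return struct.pack("!HH", EXT_STATUS_REQUEST, len(body)) + body


def encode_certificate_status(ocsp_response_der: bytes) -> bytes:
    """Server's CertificateStatus message: handshake type(1) length(3) then
    status_type(1) and OCSPResponse<1..2^24-1> (3-byte length + DER)."""
    if not ocsp_response_der:
        raise ValueError("OCSPResponse must be at least one byte")
    body = (bytes([STATUS_TYPE_OCSP])
            + len(ocsp_response_der).to_bytes(3, "big") + ocsp_response_der)
    return bytes([HS_CERTIFICATE_STATUS]) + len(body).to_bytes(3, "big") + body


def parse_certificate_status(msg: bytes) -> bytes:
    """Return the stapled DER OCSPResponse, checking every length field against
    the bytes actually received rather than trusting what the peer claims."""
    if len(msg) < 9 or msg[0] != HS_CERTIFICATE_STATUS:
        raise ValueError("not a CertificateStatus handshake message")
    hs_len = int.from_bytes(msg[1:4], "big")
    if hs_len != len(msg) - 4:
        raise ValueError("handshake length does not match message size")
    if msg[4] != STATUS_TYPE_OCSP:
        raise ValueError("unsupported CertificateStatusType %d" % msg[4])
    resp_len = int.from_bytes(msg[5:8], "big")
    if resp_len == 0 or resp_len != hs_len - 4:
        raise ValueError("OCSPResponse length does not match handshake body")
    return msg[8:8 + resp_len]


def is_well_formed_certificate_status(msg: bytes) -> bool:
    try:
        parse_certificate_status(msg)
        return True
    except ValueError:
        return False


# Constructed placeholder: OCSPResponse { responseStatus tryLater(3) }, no responseBytes.
SAMPLE_OCSP_RESPONSE = b"\x30\x03\x0a\x01\x03"

if __name__ == "__main__":
    print("client ->", encode_status_request_extension().hex())
    staple = encode_certificate_status(SAMPLE_OCSP_RESPONSE)
    print("server ->", staple.hex())
    print("stapled OCSPResponse:", parse_certificate_status(staple).hex())
```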

With these core changes in place (there were many other necessary improvements too), it became technically feasible for VeriSign and other certificate issuers to support browsers doing revocation checking by default (this oversimplifies things; building a globally scalable service isn't exactly child's play).

The next gap to close was to make these scenarios usable. Although I can't take credit for this, I worked with some great folks on the IE 7 team to make it happen; with those usability changes out of the way (IE used to be the best example of how not to do certificate error handling UI), it became possible for us to enable revocation checking by default (in VISTA and Longhorn at least).

I should add one important caveat: due to a number of complications related to network infrastructure, IE implements what I would call "soft revocation checking". By that I mean there are a number of cases where revocation information isn't available; some of these reasons include:

  • The issuer did not specify where to retrieve the information.

  • The location the issuer specified for the revocation information is not reachable by the client.

  • The location the issuer specified is not performing well and the session timed out during retrieval.

In these cases IE simply warns the user (via the Information Bar) that the information was not available rather than blocking access to the site. The trade-off is that an attacker who can keep the client from reaching the responder can also keep it from learning about a revocation, which is exactly the case where a stapled response helps: the server delivers the proof of status along with its certificate.

I do think the Internet will be more secure thanks to these changes; they give issuers the ability to communicate issuance mistakes, subscriber policy violations (phishing, etc.) and other revocable events (key compromise, etc.) to the browser and its users in a timely way.

I also hope that other browsers like Firefox adopt some of the same concepts we did to make this stuff scale (contact me if you want to talk about the nitty gritty details).

Ryan

Posted on Saturday, October 21, 2006 8:46 PM
