Towards Short-Lived Certificates

Authors: E. Topalovic, B. Saeta, L.S. Huang, C. Jackson, and D. Boneh

The Online Certificate Status Protocol (OCSP) is as good as dead. It imposes a massive performance penalty on web traffic and has failed to mitigate the recent high-profile certificate security breaches of certificate authorities. Citing these fundamental protocol flaws, Google Chrome, one of the world's most popular browsers, is permanently disabling OCSP and taking direct ownership over certificate revocation. We will soon be living in a post-OCSP world where Google has become a single point of failure for certificate validation.

We argue that certificate authorities should reassert control over the certificate revocation process by issuing certificates with a very short lifetime. These certificates complement browser-based revocation by allowing certificate authorities to revoke certificates without the cooperation of browser vendors, and without imposing a performance penalty on web traffic.

We implemented a prototype certificate authority and certificate update plugin for Apache that demonstrates feasibility of short-lived certificates. We also implemented client-side pinning to short-lived certificates in the Chromium browser. Finally, we show that short-lived certificates complement browser-based revocation and address its major limitations; the two mechanisms can be combined to achieve secure, performant, and backwards-compatible browsing experience on the web.

In proceedings of IEEE Oakland Web 2.0 Security and Privacy (W2SP 2012).

Full paper: pdf.