Certificate Stapling
-
I have been watching the CASP+ series and had a question that I cannot find an answer to regarding certificate stapling.
I understand that stapling is used for enhanced security and performance between the client and server, verifying certificate validity and saving the browser time by not having to check the OCSP itself.
However, if the point of certificate stapling is to verify to the client the validity of the server, does it not present a security concern that the server in question is now the single source of truth regarding its certificate and the validity of its own certificate? If a site has been compromised, is it possible for the server to present a false or modified OCSP check back to the client that it will trust? How is the client able to verify the validity of the OCSP check returned back to it by the server?
Much thanks for any additional understanding!
-
So, though the primary check does occur between the OCSP and the server, to prevent the security concern you mention there is something like a "skip level meeting" that occurs between the server and the CA without the OCSP, periodically. This means that the OCSP server can present whatever information it wants, but periodically the server itself directly requests an OCSP response from the CA. This would be similar to an employee asking his or her supervisor to raise an issue, then going directly around the manager for a response as well. This direct response from the CA is then "stapled" to the certificate (SSL/TLS) when the server sends it to the client for verification. If the OCSP is compromised, this will reveal it.
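-
How a client can check a stapled response, as an added example that is not part of either post above. It uses the Python `cryptography` package with a constructed CA, server certificate and OCSP responses, and assumes the response is signed directly by the issuing CA (a CA-delegated responder certificate is not modelled); all names and helper functions are hypothetical.

```python
import datetime as dt
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509 import ocsp
from cryptography.x509.oid import NameOID

NOW = dt.datetime.now(dt.timezone.utc).replace(microsecond=0)
GOOD, REVOKED = ocsp.OCSPCertStatus.GOOD, ocsp.OCSPCertStatus.REVOKED

def make_cert(cn, key, issuer_cn, issuer_key):
    """Constructed test certificate; the names are placeholders."""
    name = lambda s: x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, s)])
    return (x509.CertificateBuilder().subject_name(name(cn)).issuer_name(name(issuer_cn))
            .public_key(key.public_key()).serial_number(x509.random_serial_number())
            .not_valid_before(NOW - dt.timedelta(days=1))
            .not_valid_after(NOW + dt.timedelta(days=30))
            .sign(issuer_key, hashes.SHA256()))

def make_staple(leaf, ca_cert, signer_cert, signer_key, status):
    """OCSP response for `leaf`, signed by whoever holds `signer_key`."""
    builder = ocsp.OCSPResponseBuilder().add_response(
        cert=leaf, issuer=ca_cert, algorithm=hashes.SHA256(), cert_status=status,
        this_update=NOW, next_update=NOW + dt.timedelta(days=4),
        revocation_time=NOW if status == REVOKED else None, revocation_reason=None)
    return builder.responder_id(ocsp.OCSPResponderEncoding.HASH, signer_cert).sign(
        signer_key, hashes.SHA256())

def client_accepts(staple, leaf, ca_cert):
    """Client checks: CA signature, same serial, still fresh, status GOOD."""
    try:
        ca_cert.public_key().verify(staple.signature, staple.tbs_response_bytes,
                                    ec.ECDSA(staple.signature_hash_algorithm))
    except InvalidSignature:
        return False  # signed by someone other than the issuing CA
    at = lambda f: (getattr(staple, f + "_utc", None)  # *_utc only in newer releases
                    or getattr(staple, f).replace(tzinfo=dt.timezone.utc))
    fresh = at("this_update") <= NOW < at("next_update")
    return (fresh and staple.serial_number == leaf.serial_number
            and staple.certificate_status == GOOD)

def demo():
    # Third case: the server signs a "good" status for itself with its own key.
    ca_key, srv_key = (ec.generate_private_key(ec.SECP256R1()) for _ in range(2))
    ca = make_cert("Constructed CA", ca_key, "Constructed CA", ca_key)
    leaf = make_cert("www.example.test", srv_key, "Constructed CA", ca_key)
    return {"ca_signed_good": client_accepts(make_staple(leaf, ca, ca, ca_key, GOOD), leaf, ca),
            "ca_signed_revoked": client_accepts(make_staple(leaf, ca, ca, ca_key, REVOKED), leaf, ca),
            "server_forged_good": client_accepts(make_staple(leaf, ca, leaf, srv_key, GOOD), leaf, ca)}
```

Only the CA-signed "good" response is accepted; the server cannot mint an acceptable response without the CA's private key.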