A few months ago I investigated a bug report about a secure travel agency website that was causing Opera to display the ominous message "The certificate has been revoked by its issuer. The certificate was revoked because this site is no longer in operation". (Well, actually, due to a bug Opera 9.0 only displayed a less informative message and not that particular message, but 9.01 would have.)
What is revocation, and why is it important to you?
About revocation
Revocation of a certificate means that the Certificate Authority (CA) that issued the certificate for a website has decided that the certificate is no longer valid, even if it has not expired.
The information about revocation can be distributed in two ways: Certificate Revocation Lists (CRLs), or by using the Online Certificate Status Protocol (OCSP).
CRLs are (usually) large files listing all the currently active (unexpired) certificates that the CA has revoked. The client has to download the file from the CA at regular intervals (usually at least a week apart), and it may be quite large.
OCSP, on the other hand, means that the client asks the CA "Is this particular certificate still valid?", and the server responds "Yes" or "No". This method is usually far more up to date: the information is at most a few days old, as opposed to at least a week for CRLs.
All the major browsers support OCSP, but some (like Opera) do not currently support CRLs.
At present Opera is the only non-beta browser that has enabled revocation checking by default, but IE7 for Vista will also check revocation by default. I am unsure about the status of the other browsers, but if they have not already done so, it is only a question of time before they all enable at least OCSP by default.
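As an added example (not part of the original post, and not Opera's code), the Go program below shows both halves of the CRL mechanism described above: a constructed throwaway CA signs a CRL listing one certificate as revoked with the RFC 5280 reason code 5, cessationOfOperation, which is the "site is no longer in operation" reason quoted at the top, and a client-side check verifies the CRL's signature, refuses one that is past its NextUpdate, and only then looks the serial up. It uses only the Go 1.21+ standard library; the CA name, serial numbers and dates are made up.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"math/big"
	"time"
)
// buildTestCRL creates a throwaway in-memory CA (constructed for this example only) and signs a
// one-week CRL that revokes serial 42 with reason code 5, cessationOfOperation in RFC 5280 terms.
func buildTestCRL(now time.Time) (*x509.Certificate, []byte, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Test CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(90 * 24 * time.Hour), IsCA: true,
		BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, nil, err
	}
	ca, _ := x509.ParseCertificate(der) // re-parse: the CRL's authority key identifier needs the generated SubjectKeyId
	crl, err := x509.CreateRevocationList(rand.Reader, &x509.RevocationList{Number: big.NewInt(1),
		ThisUpdate: now, NextUpdate: now.Add(7 * 24 * time.Hour), // CRLs are typically valid for a week or more
		RevokedCertificateEntries: []x509.RevocationListEntry{{SerialNumber: big.NewInt(42), RevocationTime: now, ReasonCode: 5}}}, ca, priv)
	return ca, crl, err
}
// checkSerial is the client side of a CRL lookup: only a CRL carrying the issuer's own signature counts,
// one past NextUpdate is stale and must be re-fetched, and only then is the serial looked up.
// It returns the CRLReason code if the certificate is listed and -1 if it is not.
func checkSerial(crlDER []byte, issuer *x509.Certificate, serial *big.Int, at time.Time) (int, error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err == nil {
		err = crl.CheckSignatureFrom(issuer) // a CRL not signed by the issuer we trust is worthless
	}
	if err != nil {
		return -1, err
	}
	if at.After(crl.NextUpdate) { // a cached CRL past NextUpdate is stale: re-fetch it, do not trust it
		return -1, errors.New("CRL is stale: fetch a fresh copy before trusting it")
	}
	for _, e := range crl.RevokedCertificateEntries {
		if e.SerialNumber.Cmp(serial) == 0 {
			return e.ReasonCode, nil
		}
	}
	return -1, nil
}
```

A browser that skips this check, as most did at the time of the post, would have accepted the revoked certificate as readily as a valid one.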
Possible reasons for revocation
Why is revocation important enough that we actually stop the user from visiting a website?
A CA can revoke a certificate for a number of reasons:
- A new certificate has been issued to the website, meaning the old one is not going to be used anymore.
- The website with the certificate is being used for purposes that are not accepted by the CA.
- The certificate was issued based on incorrect information.
- The owner is no longer able to use the private key associated with the certificate, for example because the password is lost, the key storage was destroyed somehow, etc.
- The private key has been compromised or stolen, which means traffic to the site is no longer secure.
- The certificate and key have been stolen and are actually being used for fraud while posing as a legitimate website.
In the case I was investigating, the revocation reason given by the CA was "The certificate was revoked because this site is no longer in operation". To all appearances this looked incorrect: after all, the website was there, other browsers accessed it, and it was possible to order from it.
However, as mentioned above, the reason other browsers accessed the site was that, unlike Opera, they did not check the certificate status. Users of other browsers who had manually enabled OCSP and/or CRL checking would also have been barred from accessing the site.
Given this situation there were several possibilities:
- Somebody on the website development team had made a mistake, either revoking the certificate by accident or forgetting to update the certificate on the server; after all, it still worked in every browser they used. (According to my information, the revocation was requested by the website owner.)
- The company had indeed gone out of business, but somebody forgot to turn off the lights (and the servers) when everybody left. In such a case people ordering their vacation might have gotten a rather "exciting" start of their vacation when they found out payment had not been made to their hotel or airline. I'm pretty sure some lawyers would have found the aftermath interesting, if this had been the case.
- The website's private key had been stolen, and the perpetrator was able to update the DNS entries or the network so that they could host their own completely "valid" secure server and use it to commit fraud and to steal credit card information from unsuspecting customers.
Especially the latter possibility sounds scary, doesn't it?
What was really going on?
What all this means is that Opera 8 and 9 refused access to the site, because we checked the current status of the certificate, while most other clients were quite oblivious to the situation because they did not, by default, check the certificate's status.
As I usually do in such cases I informed the CA about the problem. Naturally, they cannot share much information with me, but telling them gives them an idea about how many active websites are actually using revoked certificates (There aren't that many; we encounter at most one or two each month).
Then I tried to get in contact with the website owners so that I could ask them to update the certificate, but that proved to be a bit more difficult than I expected. There was little or no contact information on the site for reaching the webmaster; the only contact method was a comment form, which I filled out and submitted.
Then I started investigating a bit more, and found the parent company and tried sending them an email too, and then the grandparent company. Unfortunately, there were no results to show for the effort.
A couple of days later I recruited a colleague to help get in contact with the grandparent company, because he speaks the language. After several phone calls, more emails, faxes, and being redirected from one person to another, a couple of days later we finally established contact with the travel agency, and within hours a new certificate was in place.
It turned out that the company owning the website had reorganized and changed its name or established a new company to handle the website. During this process all the old certificates had been canceled, but new ones had not been installed.
In other words: Nothing more sinister than a human mistake. Fortunately.
This incident does however highlight what is becoming more and more of a problem, in particular for major websites (just ask David Storey, our Web Opener): not being able to report serious website problems in a timely manner to somebody who can do something about it. There may be a contact form on the site, but at least in this case it did not have any choice for "website problem", meaning I had to file it under another category, which means it could be lost somewhere in the system.
Fortunately, as more clients enable revocation checking, this problem will diminish, at least for legitimate sites, as they will find out very quickly that they have a problem.
So what should you do if you encounter a revoked site?
First: Don't open a different browser to continue your transaction, even if that browser lets you. Revocation means you cannot trust the site.
Second: Tell the website operator that they have a problem.
Third: While you wait, shop somewhere else. :devil:
I do remember this issue. I too, never got a response for my report, but eventually the site in question removed SSL altogether :whistle: Superb post on explaining revoked certificates :yes:
"What is recovation, and why is it important to you?" So, what is recovation? 😉
On OS X, every application that uses the OS SSL functionality can be enabled to check OCSP via “Keychain Access” (in Applications/Utilities, or Spotlight search it). OS X uses the BSD “ocspd” to achieve it. It is in the “Certificates” tab of its “Preferences”. I always set it to “Best attempt” since I saw that option. So, people better enable it so Safari etc. gets that function too.
– So I understand… if a certificate is in Opera Cache > Revocation folder, it is revoked, for whatever reason. Does that mean it’s replaced by a valid cert. & therefore the revoked cache can be deleted??? OR Opera still needs it for comparison reasons. thank you… ::tony
The files in the revocation cache subfolder contain either the list of all revoked certificates that have not yet expired for a given issuer (the CRLs, introduced with 9.50), or the most up to date information (it is either OK, or it was revoked) about individual certificates (the OCSP responses).
The OCSP response files contain information about single certificates and expire after a few days at most. The CRL files can contain information about hundreds or thousands, sometimes tens of thousands, of revoked certificates, and these files are valid for weeks (the ones with many certificates) or months (the really limited CAs).
If the information is not available in the revocation cache (either because it has never been loaded, or it has expired, or been deleted to make room for other files) then it will be downloaded. Then it is fetched from the cache and checked before the connection with the server is allowed to be set up. If the certificate is listed as revoked the connection is not established and an error is shown instead, in which case you should contact the web site owner to ask them to replace the certificate on the server with one that is valid; connections will not be allowed until they have done that.
Okay – I was wondering, sometimes the revocation folder is almost 2.5 MB. Then in a week or 2 it drops to approx. 450 KB. Thank you.
@Paul: I am not aware of any such research. It could be that some information about cause is registered in the CRL files, but providing such information is mostly optional. AFAIK, though, most revocations occur when a certificate is reissued for some reason, for example to include a minor update.
Yngve, this is more of a question rather than a comment. You mention that you find one or two Web sites monthly that operate using a revoked certificate. I’m looking for revocation statistics on SSL certificates (prompted, e.g., by a key compromise). I couldn’t find any info on the Web. Do you know of any survey that gathered such stats? Thank you, Paul