Hello!
Does Erlang now support OCSP and OCSP stapling? I stumble upon the blog post about implementing it in Erlang and using it in emqx EMQX Supports OCSP stapling - YouTube. Also, there is undocumented code in ssl and some tests https://github.com/erlang/otp/blob/master/lib/ssl/test/openssl_ocsp_SUITE.erl
So, my question is, when the OSCP and OCSP stapling will be publicly available and documented? Is it safe to use it in the Erlang 26 now?
Summoning @voltone who likely knows the most on this topic. As far as my understanding goes, this code is not functional, and there is no specific deadline when it’s going to be released.
Some work was indeed done by the OTP team on adding an OCSP client and the logic to verify the revocation status of a peer certificate. However, the author of that code left, and the work-in-progress code was merged and released with a disclaimer (public_key-1.9, as part of OTP 23.1)
At the time I reviewed some of the code and noticed that the code that verifies the OCSP response does not correctly verify that the OCSP response signer is a legitimate responder for the peer certificate’s issuer. This would mean anyone can spoof an OCSP response for any server certificate and OTP will accept its contents. I have not reviewed recent OTP versions to check if this has been fixed, but I have not seen any mention of OCSP in the public_key releases notes since 1.9.
As for OCSP stapling, there appears to be some support in ssl, as the ssl-10.4 release notes mention a bug fix. I believe this probably relates to client-side stapling (verifying the OCSP response) and not server-side stapling. Any way, any support of OCSP in ssl is going to be dependent on the state of public_key.
I cannot comment on future plans of the OTP team, maybe @ingela can.