Firefox Will Disable OCSP Checking for DV and OV Certificates

Firefox Will Disable OCSP Checking for DV and OV Certificates

The Revocation Mechanism Has Been Blamed for Delayed Page Loads

Mozilla will be experimenting with disabling OCSP checking due to performance concerns. OCSP, or Online Certificate Status Protocol, is one of the technical mechanisms used to check if a certificate has been revoked.

The change will be made in an upcoming version of Nightly – a pre-release version of Firefox dedicated to testing new features. If telemetry data shows that it’s best to disable OCSP checking for DV and OV certificates because it reduces the total time of the handshake, it will be brought to the consumer release of Firefox.

This will bring Firefox to par with other major browsers, including Chrome and Safari, which

OCSP Stapling – where the server provides the OCSP response directly to the client – will not be affected. Firefox will also continue to fetch OCSP responses for EV (Extended Validation) certificates.

OCSP has long been criticized as being broken. Because of the operational challenges of deploying the service at a global scale, OCSP often ends up in a situation where it “soft-fails” – meaning in the case that an OCSP check isn’t completed (because the server is down or the connection times out) the certificate is assumed to be valid. With soft-fail, it’s hard to see how OCSP provides any security benefits. Adam Langley, an engineer at Google, compared this problem to “a seat-belt that snaps when you crash.”

According to Mozilla’s telemetry, nearly 9% of successful OCSP checks take more than 1 second. This second adds to the time it takes to establish the SSL/TLS handshake, and represents a significant increase to overall load time.

In a very small number of cases (less than .05% of the time), a successful check takes over 3 seconds. While that is a very low rate it represents more than 4 million page loads.

Coincidently, Let’s Encrypt’s OCSP service failed earlier this month for about 12 hours, causing performance issues for websites using their certificates. Last year the CA GlobalSign also suffered an issue related to their OCSP servers. These incidents issues raise questions about the net value of OCSP and if it’s causing more harm than good.

David Keeler, a security engineer at Mozilla, wrote that “the plan is to monitor telemetry to see if this impacts TLS handshake time.” If there is a performance improvement, they will move forward with disabling the check in all versions of Firefox.

Improvements to OCSP were designed years ago – two additions to the protocol known as Stapling and Must-Staple intended to fix the performance, security, and privacy issues. However, Apache and NGINX, which are the most commonly used webservers, either implement these features poorly or not at all.

  • Hi, Vincent – I don’t pretend to have a full understanding of your article. But I’ve been searching for an answer as to why pages are taking forever to load because of “performing TLS handshake.” I see others have complained of the same thing. I’m guessing what you’ve written about might be the explanation. Is there any hope of a cure for this annoying problem with Firefox? Or do I have to move to Chrome? Or (shudder) Internet Explorer?

    Thanks from a 70-year-old who does embrace technology.

    • Hi Yvonne,

      Thanks for the question. I don’t know as much about Firefox, so I’m looking into what the causes of that message are.

      Can you tell me, if this an issue you have on most websites? Or just a few? Can you share any examples of a site that regularly loads slowly due to that message?

  • Hi, Vincent,

    I posted a reply yesterday with the info you requested, but it may have been too long as it never showed up. Or maybe the comments feature doesn’t allow web addresses? I could email the info if I had an address.

Leave a Reply

Your email address will not be published. We will only use your email address to respond to your comment and/or notify you of responses. Required fields are marked *

Captcha *