On 11/10/2019 10:10, Jeremy Harris wrote:
> On 11/10/2019 09:57, Matt Caswell wrote:
>> OpenSSL does not currently support that. You can only place a status response
>> after the first certificate.
>>
>> Matt
>
>
> That's why I asked:
>
>>> Are both layouts of the TLS1.3 Certificates record valid?
>

RFC8446 is not really very clear in this regard. All it says is:

"In TLS 1.3, the server's OCSP information is carried in an extension in the
CertificateEntry containing the associated certificate. Specifically, the body
of the "status_request" extension from the server MUST be a CertificateStatus
structure as defined in [RFC6066], which is interpreted as defined in
[RFC6960]."

Putting everything in a single CertificateEntry gives you equivalence with what
can be achieved in TLSv1.2 and is allowed by the syntax of a CertificateStatus
structure. So I *think* this is ok. It is not described how one should
interpret a single CertificateStatus covering the whole chain, vs individual
CertificateStatus entries, one for each Certificate.

Matt
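The two layouts being compared in this thread, shown on the wire. This is an added example, not code from the thread or from OpenSSL: it encodes and parses the TLS 1.3 Certificate handshake message (RFC 8446 section 4.4.2) with a status_request extension carrying an RFC 6066 CertificateStatus in the CertificateEntry, once with the status only on the first entry (what OpenSSL currently emits) and once with one status per entry. The certificate and OCSP byte strings are constructed placeholders standing in for DER; the function names are this example's own.

```python
"""TLS 1.3 Certificate message with per-entry status_request extensions.

Wire formats (big-endian lengths), from RFC 8446 / RFC 6066:
  Certificate:        opaque certificate_request_context<0..2^8-1>;
                      CertificateEntry certificate_list<0..2^24-1>;
  CertificateEntry:   opaque cert_data<1..2^24-1>;  Extension extensions<0..2^16-1>;
  Extension:          uint16 extension_type;        opaque extension_data<0..2^16-1>;
  CertificateStatus:  uint8 status_type (ocsp = 1); opaque OCSPResponse<1..2^24-1>;
"""
import struct

STATUS_REQUEST = 5          # ExtensionType status_request (RFC 6066)
STATUS_TYPE_OCSP = 1        # CertificateStatusType ocsp (RFC 6066)
HANDSHAKE_CERTIFICATE = 11  # HandshakeType certificate (RFC 8446)


def _vec(data: bytes, len_bytes: int) -> bytes:
    """Length-prefixed opaque vector with a 1-, 2- or 3-byte length field."""
    if len(data) >= 1 << (8 * len_bytes):
        raise ValueError("vector too long for its length field")
    return len(data).to_bytes(len_bytes, "big") + data


def _read_vec(buf: bytes, pos: int, len_bytes: int):
    """Read a length-prefixed vector at pos; return (contents, position after it)."""
    if pos + len_bytes > len(buf):
        raise ValueError("truncated length field")
    n = int.from_bytes(buf[pos:pos + len_bytes], "big")
    pos += len_bytes
    if pos + n > len(buf):
        raise ValueError("truncated vector body")
    return buf[pos:pos + n], pos + n


def encode_certificate_status(ocsp_response_der: bytes) -> bytes:
    """CertificateStatus body (status_type ocsp) for the status_request extension."""
    if not ocsp_response_der:
        raise ValueError("OCSPResponse must be non-empty")
    return bytes([STATUS_TYPE_OCSP]) + _vec(ocsp_response_der, 3)


def encode_certificate_message(chain, context: bytes = b"") -> bytes:
    """Build a Certificate handshake message from [(cert_der, ocsp_der_or_None), ...].

    Every entry that carries a response gets its own status_request extension,
    so the caller decides the layout (first entry only, or one per entry).
    """
    entries = b""
    for cert_der, ocsp in chain:
        exts = b""
        if ocsp is not None:
            exts += struct.pack("!H", STATUS_REQUEST) + _vec(encode_certificate_status(ocsp), 2)
        entries += _vec(cert_der, 3) + _vec(exts, 2)
    body = _vec(context, 1) + _vec(entries, 3)
    return bytes([HANDSHAKE_CERTIFICATE]) + _vec(body, 3)


def parse_certificate_message(msg: bytes):
    """Parse a Certificate message into [{"cert": bytes, "ocsp": bytes|None}, ...].

    Strict about lengths: trailing or missing bytes anywhere raise ValueError,
    as do a duplicate status_request or a non-ocsp status_type in one entry.
    """
    if not msg or msg[0] != HANDSHAKE_CERTIFICATE:
        raise ValueError("not a Certificate handshake message")
    body, end = _read_vec(msg, 1, 3)
    if end != len(msg):
        raise ValueError("trailing bytes after Certificate message")
    _context, pos = _read_vec(body, 0, 1)
    entries, pos = _read_vec(body, pos, 3)
    if pos != len(body):
        raise ValueError("trailing bytes after certificate_list")
    out, pos = [], 0
    while pos < len(entries):
        cert, pos = _read_vec(entries, pos, 3)
        if not cert:
            raise ValueError("empty cert_data")
        exts, pos = _read_vec(entries, pos, 2)
        ocsp, epos = None, 0
        while epos < len(exts):
            if epos + 2 > len(exts):
                raise ValueError("truncated extension_type")
            ext_type = struct.unpack("!H", exts[epos:epos + 2])[0]
            ext_data, epos = _read_vec(exts, epos + 2, 2)
            if ext_type == STATUS_REQUEST:
                if ocsp is not None:
                    raise ValueError("duplicate status_request in one CertificateEntry")
                if not ext_data or ext_data[0] != STATUS_TYPE_OCSP:
                    raise ValueError("unsupported or missing status_type")
                resp, rend = _read_vec(ext_data, 1, 3)
                if rend != len(ext_data) or not resp:
                    raise ValueError("malformed CertificateStatus")
                ocsp = resp
        out.append({"cert": cert, "ocsp": ocsp})
    return out


# Constructed placeholders; a real message carries X.509 DER and DER OCSPResponse here.
LEAF, INTERMEDIATE = b"<leaf cert DER>", b"<intermediate cert DER>"
OCSP_LEAF, OCSP_INTER, OCSP_CHAIN = b"<ocsp leaf>", b"<ocsp intermediate>", b"<ocsp whole chain>"


def layout_first_entry_only() -> bytes:
    """One CertificateStatus on the first entry only (the layout OpenSSL sends)."""
    return encode_certificate_message([(LEAF, OCSP_CHAIN), (INTERMEDIATE, None)])


def layout_per_entry() -> bytes:
    """One CertificateStatus per CertificateEntry."""
    return encode_certificate_message([(LEAF, OCSP_LEAF), (INTERMEDIATE, OCSP_INTER)])


if __name__ == "__main__":
    for name, msg in (("first entry only", layout_first_entry_only()), ("per entry", layout_per_entry())):
        print(name, [e["ocsp"] for e in parse_certificate_message(msg)])
```

Both layouts are syntactically valid under the Certificate/CertificateEntry grammar; the parser only tells you which entries carry a status and leaves the semantic question from the thread (a single response covering the chain versus one per certificate) to the caller, which is exactly where RFC 8446 leaves it.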