What’s the alternative tho?

loeg · on Nov 12, 2020

A limited change would be to fail-open more of the time, e.g., if the OCSP server does not respond within a few milliseconds. (MacOS already fails-open in some internet scenarios.)

A better option is to asynchronously update a Certificate Revocation List ("CRL") and perform any check local to the machine. This avoids disclosing to Apple every single time you run a program, which program it is, and what network you're on. It could also emergency-revoke certificates just as quickly as the OCSP design by polling at the same frequency (every app startup).

valuearb · on Nov 12, 2020

This is exactly right, and given Apple’s privacy commitment should have been implemented already.

LgWoodenBadger · on Nov 12, 2020

Publish revocations as security updates to the OS?

valuearb · on Nov 12, 2020

Security updates take too long. How bout each copy of MacOS keeps local copy of revocation database, and updates in background?

Much faster, updates relatively quickly, and not subject to network outages.

cromka · on Nov 13, 2020

I'd imagine that revocations don't happen often. And when they do, Apple has a perfectly capable infrastructure to push those small incremental changes on demand. It's almost as if they intentionally ignored such superior solution and chose calling home for other reasons...

throwaway888abc · on Nov 13, 2020

That way (current) Apple also has the app usage statistic ?

fortran77 · on Nov 12, 2020

Microsoft Windows 10.

jimmaswell · on Nov 12, 2020

You don't need an alternative. The entire concept is totally unnecessary.