TCS members,
concrete information from HARICA about the phasing-out of OCSP for public
server certificates follows below:
Dear TCS members,
Effective March 2, 2026, HARICA will officially deprecate the use of the
Online Certificate Status Protocol (OCSP) for all newly issued
publicly-trusted server TLS certificates, with exceptions made only for
specific use cases where required. In accordance with evolving industry
standards and browser requirements, certificates issued after this date
will no longer contain an OCSP responder URL in the Authority
Information Access (AIA) extension, by default. Instead, certificate
revocation status will be managed exclusively through Certificate
Revocation Lists (CRLs) and modern browser-native mechanisms.
Why is this change happening?
The industry-wide move away from OCSP is driven by three primary
factors:
- User Privacy: Standard OCSP requests are unencrypted. When a browser
checks a certificate’s status via OCSP, it informs the CA which IP
address is visiting which website. Removing OCSP eliminates this privacy
leak, ensuring that HARICA cannot track user browsing patterns.
- Reliability and Performance: OCSP lookups often add significant
latency to the TLS handshake (the "OCSP stapling" solution, while
helpful, has seen inconsistent adoption). Furthermore, if an OCSP
responder is slow or unreachable, it can cause "soft-fail" delays or
"hard-fail" connection errors, impacting site availability.
- Modern Revocation Standards: Browsers such as Apple Safari, Google
Chrome and Mozilla Firefox have shifted toward more efficient,
privacy-preserving methods for checking revocation at scale, such
as CRLSets and CRLite. These methods rely on the CA publishing
compressed CRLs rather than answering individual OCSP queries.
Timeline of Changes
- Today – March 1, 2026: No immediate action is required. HARICA will
continue to support OCSP for all active certificates.
- March 2, 2026: All new TLS certificates issued by HARICA will omit the
OCSP AIA extension by default. Certain exceptions will be allowed on a
case-by-case basis.
- Post-March 2, 2026: Existing certificates issued prior to this date
will continue to have functional OCSP support until their
natural expiration. By May 4, 2027, we expect our public OCSP
infrastructure to be fully decommissioned for TLS.
Impact on Subscribers
For the vast majority of subscribers, no action is required. Modern web
browsers (Chrome, Safari, Firefox, and Edge) have already prepared for this
transition.
However, a small number of "legacy" or "non-browser" applications that
rely strictly on the presence of an OCSP URL in the certificate for
hard-fail revocation checking may experience issues. We recommend the
following:
- Review Legacy Systems: If you use specialized hardware or older
software that requires OCSP for mutual TLS (mTLS) or specific compliance
checks, ensure they support CRL-based revocation. If you operate legacy
systems that rely exclusively on OCSP and cannot process CRLs, please
contact our technical support team to discuss available options.
- OCSP Stapling: If you currently use OCSP Stapling on your web servers,
the server will simply stop stapling a response once the new certificate
(without an OCSP URL) is installed. This will not break the connection
in modern browsers.
Our Commitment to Security
This change marks a meaningful step toward a faster, more private, and more
resilient internet. We appreciate your continued trust in HARICA and remain
committed to supporting you throughout this transition.
We remain at your disposal for any further information.
--
Kent Engström, Sunet TCS
kent.engstrom(a)liu.se, +46 13 28 4444
TCS members,
information from GEANT regarding the upcoming removal of
clientAuth from the "extended key usage" in server certificates.
Corresponding changes are taking place at other CAs (Let's Encrypt, Sectigo, etc.)
before the deadline.
The changes do not affect use as server certificates, but if you
have used server certificates to authenticate as a client when
connecting to a server, you may need to do things differently going forward.
Contact tcs(a)sunet.se if you have specific questions about any
use case of yours.
> Subject: [tcs] Information on removal of clientAuth EKU from TLS certificates
> Date: Mon, 5 Jan 2026 23:28:29 +0000
>
> Dear All
>
> You may be aware of information relating to the removal of clientAuth
> EKU from TLS certificates. EKU stands for “extended key usage” and
> defines permissions for how different certificate types can be used
> for additional purposes - the most common being allowing Server
> Authentication and Client Authentication Extended Key Usages in public
> trust certificates by default. To avoid misconfiguration, misuse, and
> policy violations, the CA/B Forum decided that from May 2026 onward,
> publicly trusted CAs will not issue TLS certificates containing the
> ClientAuth EKU.
>
> We are working with HARICA to determine a date as to when these will
> be removed from our certificates, but this will be in line with the
> May 2026 date. This should have no overall impact on the validity of
> certificates used for server authentication only. Any new public
> SSL/TLS certificates issued on or after June 15, 2026 must include
> ONLY the serverAuth EKU. Certificates issued prior to this date will
> remain valid until their expiration (unless revoked beforehand).
>
> For client authentication, we strongly recommend that our community
> use the client certificates tagged as “IGTF certificates” in the
> HARICA portal. On behalf of myself and the PMA we acknowledge a
> mistake in naming these on our part - in the final days of the Sectigo
> contract we had realigned and renamed client certificates as GÉANT
> Personal Authentication and should have used this nomenclature moving
> over to the HARICA contract but fell back on old habits. I will be
> working with HARICA to better position these certificates and rename
> them in a way that is more useful for our community.
>
> I hope that all makes sense but if you need further information or clarification please do not hesitate to reach out.
>
> Many thanks
>
> Nicole
>
> --
> Nicole Harris
> Senior Trust and Security Manager
> GÉANT
--
Kent Engström, Sunet TCS
kent.engstrom(a)liu.se, +46 13 28 4444
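The two mails above come down to three things a subscriber should check in a certificate: whether the AIA extension still carries an OCSP responder URL, whether a CRL distribution point exists to fall back on, and whether the EKU still includes clientAuth. As an added example (not code from HARICA, GÉANT or Sunet TCS), the Go program below generates two throw-away self-signed certificates modelled on the before and after profiles the mails describe and audits them with the standard library. The hostname and URLs are constructed placeholders; `AuditPEM` is the function you would point at a real certificate file.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// makeSelfSignedPEM builds a throw-away self-signed leaf (constructed test
// data, no trust anchor). withOCSP adds a placeholder OCSP URL to the AIA
// extension; withClientAuth adds clientAuth next to serverAuth. A CRL DP is
// always present, since the mails make CRLs the sole revocation channel.
func makeSelfSignedPEM(withOCSP, withClientAuth bool) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "www.example.test"}, // placeholder
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(90 * 24 * time.Hour),
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		CRLDistributionPoints: []string{"http://crl.example.invalid/ca.crl"}, // placeholder
	}
	if withOCSP {
		tmpl.OCSPServer = []string{"http://ocsp.example.invalid"} // placeholder
	}
	if withClientAuth {
		tmpl.ExtKeyUsage = append(tmpl.ExtKeyUsage, x509.ExtKeyUsageClientAuth)
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), nil
}

// Audit records the four facts the two announcements make relevant.
type Audit struct {
	HasOCSPURL, HasCRLDP, HasServerAuth, HasClientAuth bool
}

// AuditCert reads the parsed AIA, CRL DP and EKU extensions of a certificate.
func AuditCert(c *x509.Certificate) Audit {
	a := Audit{HasOCSPURL: len(c.OCSPServer) > 0, HasCRLDP: len(c.CRLDistributionPoints) > 0}
	for _, eku := range c.ExtKeyUsage {
		a.HasServerAuth = a.HasServerAuth || eku == x509.ExtKeyUsageServerAuth
		a.HasClientAuth = a.HasClientAuth || eku == x509.ExtKeyUsageClientAuth
	}
	return a
}

// AuditPEM is the entry point for a real certificate file: PEM in, Audit out.
func AuditPEM(pemBytes []byte) (Audit, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil || block.Type != "CERTIFICATE" {
		return Audit{}, fmt.Errorf("no CERTIFICATE block found")
	}
	c, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		return Audit{}, err
	}
	return AuditCert(c), nil
}

// Findings turns an Audit into the points a subscriber has to act on.
func Findings(a Audit) (out []string) {
	if !a.HasOCSPURL {
		out = append(out, "no OCSP URL: stapling stops and hard-fail OCSP-only clients may reject the certificate")
	}
	if !a.HasCRLDP {
		out = append(out, "no CRL distribution point: CRL-based relying parties have no revocation path")
	}
	if a.HasClientAuth {
		out = append(out, "clientAuth EKU present: mTLS clients need a dedicated client certificate")
	}
	return out
}

func main() {
	// {OCSP, clientAuth}: pre-change profile first, post-change profile second.
	for _, c := range [][2]bool{{true, true}, {false, false}} {
		certPEM, err := makeSelfSignedPEM(c[0], c[1])
		if err != nil {
			panic(err)
		}
		a, err := AuditPEM(certPEM)
		if err != nil {
			panic(err)
		}
		fmt.Printf("%+v\n  findings: %q\n", a, Findings(a))
	}
}
```

Run against the pre-change profile, the audit flags only the clientAuth EKU; against the post-change profile it flags only the missing OCSP URL, which is the stapling and legacy hard-fail point the HARICA mail raises. Pointing `AuditPEM` at your own certificate files gives you the same two answers for the systems you run.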