jami-daemon: add OCSP verification, store & trust

• revoke jams device

  https://review.jami.net/c/ring-daemon/+/12742

• openssl OCSP server setup

  https://github.com/binarytrails/notes/blob/master/software/ssl.md#setup-server

• proof-of-concept with opendht http library

  https://github.com/binarytrails/various/blob/master/cpp/gnutls/ocsp.cpp

  • generating / sending OCSP request

  • receiving / processing OCSP request

• Jami-daemon integration: https://review.jami.net/c/ring-daemon/+/12792

  • Verify certificate with OCSP if present with a TLS session wrapper

  • Test/Debug/Validate JAMS for OCSP feature

  • Save OCSP responses into Certificate Store

    ocsp/
    └── <Certificate UID>
        └── <OCSP Response Serial Number>

  • Load OCSP responses into Certificate Store

  • OpenDHT: Use OCSP requests store/trust implementation in Crypto

  • IM: Validate peers with OCSP responses prior to communication

    https://github.com/savoirfairelinux/opendht/pull/464

  • Implement OCSP periodic request sending/caching (IM are not automatic)

    (ensures no revoked user can send messages even if the tls wrapper is not called as in sip calls)

changed due date to October 14, 2019

changed milestone to %Next major release

added 1 deleted label

removed due date

changed the description

changed the description

mentioned in issue #713 (closed)

changed the description

changed the description

changed title from [jams] ring-daemon: verify certificate with ocsp to jami-daemon: implement OCSP verification, store and trust

changed title from jami-daemon: implement OCSP verification, store and trust to jami-daemon: add OCSP verification/store & trust

changed the description

changed the description

changed title from jami-daemon: add OCSP verification/store & trust to jami-daemon: add OCSP verificatio, store & trust

changed the description

changed title from jami-daemon: add OCSP verificatio, store & trust to jami-daemon: add OCSP verification, store & trust

assigned to @aberaud

changed milestone to %Iteration 24

added 1 deleted label

closed

changed the description

added typefeature request label