Re: [Acme] draft-misell-acme-onion
Q Misell <q@as207960.net> Mon, 17 April 2023 11:29 UTC
Return-Path: <q@as207960.net>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7947FC15152E for <acme@ietfa.amsl.com>; Mon, 17 Apr 2023 04:29:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.095
X-Spam-Level:
X-Spam-Status: No, score=-2.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=as207960.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yhn6QvgxsHcN for <acme@ietfa.amsl.com>; Mon, 17 Apr 2023 04:29:40 -0700 (PDT)
Received: from mail-ej1-x62f.google.com (mail-ej1-x62f.google.com [IPv6:2a00:1450:4864:20::62f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94DDDC15152D for <acme@ietf.org>; Mon, 17 Apr 2023 04:29:40 -0700 (PDT)
Received: by mail-ej1-x62f.google.com with SMTP id a640c23a62f3a-94a35b0ec77so577339866b.3 for <acme@ietf.org>; Mon, 17 Apr 2023 04:29:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=as207960.net; s=google; t=1681730977; x=1684322977; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=GHjc0XP81mxSyRsdVBZhry7VFXTMz2FPk6+RkhgOYvg=; b=BHDZkbImebI0+KhAhYvYOaXbWS7wZdroZQSZM2XJ5Qvn5d+oZKdI8qK5O22eiRE7Sc kqEb2Paj7DIbNB45OdgPdlERRePzvYgqmIhLk+Ds2UE79bKj8/yS3gzJFT+kmTSdwOd/ C2BVFN5Yik1ohRY44bfQ8uIdgJ4Jphv679Z0NoDbr7lyl3aBjBXp9ARmO0qX9+AG5ClC XnPYDXIz+bEPlqiUQRr2hnX2PxqNBpjiQYXYY6pVQJ5CKqDvgTeZ8IBh2BQzuA3WMYPx 9DTFW+gW35An0mYp3mojBF/eqH3vAZMO1ySSKOTyQH5kaG+NI7qLFNcM5FPY+MMbMTTG IeqQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681730977; x=1684322977; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=GHjc0XP81mxSyRsdVBZhry7VFXTMz2FPk6+RkhgOYvg=; b=XP7oGw/7BdGGbkE9AqGcBBWa+U7XBx+LLnGMudvTo2mMhAdFnqbyi5vYa0hHu1D+mq fLCzW36Q/p6Qy07JxCB2JSYMY+fAlgMIeh2Wru5SwKJtRmJVs8ERAy0p0LEpvloqQ/q3 wyAGeyet3EB7RuhaqPgNOuThNmDv86PQKDVF+1A2rV6Q7A4+2FYpN1dEMcziZ28QX4UK Z/ASEu7yiOBRt3iJoPddQirJgkRK0YI6wqDxkyl/Z+/LR2xY6Djih+U8QDKkFzV2tTp9 nWOboXsB0r+JIwGnD77ORbtopMKhWO0t5XHoi+q081T7uLuePvU6hC6Uh/SUwLF4/Ts8 fo4A==
X-Gm-Message-State: AAQBX9cy0EhHk7qPY5hsBZwlSxexluNhsfgcX60DOa1RG/tPhQrnPSFs Eo0Oj1XNJzJobdBLyMC8BkQ89zS3nJrqyebnKajZSXi6II1Zv2YYcS69kg==
X-Google-Smtp-Source: AKy350Z1PHMaDmZ+A//cq7wU0M56lqHuLNo+igbsA1A7RSeFEgxLTA6tpoDhnEpbiCIL/08nu1HYtfR/Zni7oR0rRms=
X-Received: by 2002:a50:c044:0:b0:502:49bf:7e8d with SMTP id u4-20020a50c044000000b0050249bf7e8dmr7088673edd.8.1681730977542; Mon, 17 Apr 2023 04:29:37 -0700 (PDT)
MIME-Version: 1.0
References: <CAMEWqGuuRsYF-EoFs44DSZ0X0z5iOuKa8iMC38Yuh24F0fWYXQ@mail.gmail.com> <214b80c1-b234-07ae-e33c-bda3d6c1f542@gmail.com> <CAMEWqGuTDGyEQ+ZsiMqo5q9XiYHLr4Uxrp0gUOi3vRFFPV6dKg@mail.gmail.com> <0b2bf652-2e47-b3a0-dade-52ec0257de96@gmail.com>
In-Reply-To: <0b2bf652-2e47-b3a0-dade-52ec0257de96@gmail.com>
From: Q Misell <q@as207960.net>
Date: Mon, 17 Apr 2023 12:29:01 +0100
Message-ID: <CAMEWqGvqM8zxw0x739-ZcOn55niJJT9gdv7w9RNwRYoYK78uzg@mail.gmail.com>
To: Seo Suchan <tjtncks@gmail.com>
Cc: acme@ietf.org
Content-Type: multipart/alternative; boundary="000000000000864ba005f98681e8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/4JHHl-pzNNO6NvCwxnwv7fz9TGQ>
Subject: Re: [Acme] draft-misell-acme-onion
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Apr 2023 11:29:45 -0000
Point taken, I think you're right. Might I suggest then two CSRs, one signed with the onion key to be submitted as a challenge response, and one submitted to finalize the order. On Sun, 16 Apr 2023 at 22:08, Seo Suchan <tjtncks@gmail.com> wrote: > I think this section implies CSR has to be signed by what subjectPublickeyinfo be used for verify it: > > rfc2986 section 3 note 2. > > Note 2 - The signature on the certification request prevents an > entity from requesting a certificate with another party's public key. > Such an attack would give the entity the minor ability to pretend to > be the originator of any message signed by the other party. This > attack is significant only if the entity does not know the message > being signed and the signed part of the message does not identify the > signer. The entity would still not be able to decrypt messages > intended for the other party, of course. > > subject public key and subject entity's private key not being matching pair feels stretching the rule as written. > and even if csr is allowed I don't think merging finalization and challenge verify is a good idea here: > 1. Pre-authorization (rfc8555 7.4.1) makes challenge may not have parent order. > 2. a order capable of finalize in pending state makes ready state check useless, in boulder that's only place actually checks for order's validity before calling CA to sign the certificate > 3. most acme CA moved to async order finalization, so it will move to processing if it wants or not. > > 2023-04-17 오전 12:58에 Q Misell 이(가) 쓴 글: > > Hi, > > Thanks for the comments. I'll fix the typos. > > With regard to running a Tor client or not I don't think it is too much of > a ask from CAs to run a Tor client (it needn't even be that feature > complete to simply fetch a HS descriptor), for the added benefit of CAA > enforcement. > > Regarding your comment about CSRs I think you've misunderstood how the CSR > is used. RFC2986 section 3 states that the CertificationRequestInfo > contains the public key to be included in the final certificate (subjectPKInfo), > whilst the entire CertificationRequest can be signed with a different key > entirely, and this is what the CA/BF rules permit, and indeed what they > were designed to achieve and how HARICA implements this. > > Thanks, > Q > > On Sun, 16 Apr 2023 at 03:44, Seo Suchan <tjtncks@gmail.com> wrote: > >> 5.2 has few typos CAA when it should mean CA: (CAA can't read any >> descriptor, it's a text) >> >> For running CAA in general, I think appendix B of CA/B BR method b made >> in a way that CA doesn't have to run Tor client at all. And it actually >> allows signing a cert for not yet hosted onion domain, given they control >> right private key to induce that domain name. In that case making CA >> required to run Tor client to read CAA conflicts this goal. >> >> And challenge 3.2, it doesn't work for public CA: in acme context, CSR's >> pubkey sent in finalization is what CA will sign, but for challange >> perspective key there need to be ed25519 key (because it's onion v3 private >> key,) but CA/B does not allow signing ed25519 key in TLS certificate, you >> can't reuse CSR for both purpose. >> >> >> 2023-04-16 오전 1:22에 Q Misell 이(가) 쓴 글: >> >> Hi all, >> >> Hope you've all recovered from IETF116, it was lovely seeing you all >> there. Thanks to those who already gave me feedback on my draft. >> >> As promised in my brief presentation at the WG meeting, here's my post >> introducing my draft draft >> <https://datatracker.ietf.org/doc/draft-misell-acme-onion/> >> -misell-acme-onion >> <https://datatracker.ietf.org/doc/draft-misell-acme-onion/> to ease >> issuance of certificates to Tor hidden services. >> >> DigiCert and HARICA already issue X.509 certificates to Tor hidden >> services but there is no automation whatsoever on this. From my >> discussions with the Tor community this is something that bothers them so >> I've taken to writing this draft to hopefully address that. >> >> The draft defines three ways of validation: >> - http-01 over Tor >> - tls-alpn-01 over Tor >> - A new method onion-csr-01, where the CSR is signed by the key of the >> onion service >> >> An explicit non goal is to define validation methods not already approved >> by the CA/BF, however if someone can make a compelling argument for an >> entirely novel method I wouldn't be entirely opposed to it. >> >> Looking forward to your feedback, and some indication that this would be >> worth adopting as a WG draft. >> >> Thanks, >> Q Misell >> >> _______________________________________________ >> Acme mailing listAcme@ietf.orghttps://www.ietf.org/mailman/listinfo/acme >> >> _______________________________________________ >> Acme mailing list >> Acme@ietf.org >> https://www.ietf.org/mailman/listinfo/acme >> >
- [Acme] draft-misell-acme-onion Q Misell
- Re: [Acme] draft-misell-acme-onion Seo Suchan
- Re: [Acme] draft-misell-acme-onion Q Misell
- Re: [Acme] draft-misell-acme-onion Seo Suchan
- Re: [Acme] draft-misell-acme-onion Q Misell
- Re: [Acme] draft-misell-acme-onion Corey Bonnell
- Re: [Acme] draft-misell-acme-onion Seo Suchan
- Re: [Acme] draft-misell-acme-onion Q Misell