IETF Logo Mail Archive

Re: [Acme] ACME breaking change: Most GETs become POSTs

Erica Portnoy <erica@eff.org> Fri, 07 September 2018 23:48 UTC

Return-Path: <erica@eff.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 184BF130DC7 for <acme@ietfa.amsl.com>; Fri, 7 Sep 2018 16:48:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.011
X-Spam-Level:
X-Spam-Status: No, score=-5.011 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=1.989, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01, T_FILL_THIS_FORM_SHORT=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=eff.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IfPGoKJwe6fj for <acme@ietfa.amsl.com>; Fri, 7 Sep 2018 16:48:39 -0700 (PDT)
Received: from mail2.eff.org (mail2.eff.org [173.239.79.204]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B39C9127148 for <acme@ietf.org>; Fri, 7 Sep 2018 16:48:39 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=eff.org; s=mail2; h=Content-Type:In-Reply-To:MIME-Version:Date:Message-ID:From: References:To:Subject:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe :List-Post:List-Owner:List-Archive; bh=beGvijh0MKprBdVlrL4MtAIhgOInuEaIscUMWZCTxLg=; b=UAaqCuk/XQ0c13NJ4YNDTDa7pt MkJSPv3FiN5dUC7qbQ2hwAj/AXGBM5p2du7LF/g3KY+rwWTOO29qjC3WWkJJB0kBQhhyAwRIV5n16 MjFCmjsU1QPv7A/E1ANSTaktibInn04jAl4dFjFkRX1jT02V7D/odvoFS2ZuBBurckEA=;
Received: ; Fri, 07 Sep 2018 16:48:39 -0700
To: acme@ietf.org
References: <c33184f3-4e64-b7ea-babb-d29e2307f1f3@eff.org> <CAL02cgQ1BAzYH4f1nUD3fO0dKTc4mVrJ_NnoKq+Zb0BjT9J35Q@mail.gmail.com> <CAL02cgTDMqQ0jPojqUBAVBW=TRFGU0_ntfcLGUsTbPtvfitDKQ@mail.gmail.com> <A53CF702-D5DA-4A68-B677-4707A1C2E990@akamai.com> <CABcZeBP95mUro1MO=omM7PYHC9i7v9PoohuxfNK9tPSHmwwUgQ@mail.gmail.com>
From: Erica Portnoy <erica@eff.org>
Openpgp: preference=signencrypt
Autocrypt: addr=erica@eff.org; prefer-encrypt=mutual; keydata= xsBNBFg/PicBCAC778ThKMBwYNTQivWvGaralVBYpT1hsTgEVDRa/iADYXbn6JmFHqCYSrJd SxMSdKq7E2QJo//EElu6o7KAbj1vixKcHdSy3e7D6G+FqsjhbqgvNoh+uCSHgB40X/3sLdK2 xOCFszRqf2De7Y33oExNcC/4eug5K7gQEdtWN0qq/5wOvYPDTrxeqd8juKM/+hYg5ct3EjXh 4RwIPx6z+PyHL696jo2H7NMc+MhwFjtBVkz3JxmUwFBY5acUx8b6BhU0jas0OJb46NjZMIPb ht2VNqEie6kbz9ERts1n0/1U8O//XLDNm2vYmqWf74yboMDswGz2XGhT3SQox5WeOtRNABEB AAHNHUVyaWNhIFBvcnRub3kgPGVyaWNhQGVmZi5vcmc+wsB3BBMBCAAhBQJYTz4LAhsDBQsJ CAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEAOj7mFUBvCP5rAIAJCX2WEEd7+A+2WORZl5t3vy CCA98ILlz+/megWlyjfMKy8gaJCmoZy01bOeMY9kIGPB3qgKNTBr1XOopY3YoqnuiuPymYJF /W5wsg4FBYeVFRfKjRfUojSglznASCPFMmrLuroKO5BEMiyk6nkfbZQF9Tfm4wSwZSxIa7SG AMpGUpH9UhkFZ045E60Hhw5qUeTXxnrXj4n/IEoDeHe59TeAZh5klmifNM6nYllwAhL+4AO0 mSeMcwbsscdDd2Bw4XwjdUHPSgvqkT3y7SpTEFVIPIybOBc/kcReOK7TvBzvxcht+anNJG3h /EJHqqh6diOxg75LAjQA8TbIQlIIUGLOwE0EWD8+JwEIAK/zvIIlTWXxKR/Zw5njpOckvlcv elfFqWw5NgZrrZdxk57roqjaTPEC8uRX6NrXOhzLDsFMReLZsGPxRWnUlFxaIq6CvzRLBlG/ n05Wbu82IyJYc6Td8bd4C9Q2O+fY3nOF5mec8dKXVu8Ohw0Xig+OTQb68r2MgRlvX2kXDP80 Sz4gwhIOojBi1K7HSLb7NT6pSO7fYBi/SUwbPHUB9mEWdoYzby4S31RbwmCSdmE5i0rJku1X FYJsAKKggUZnDeFjIHraU84HgoNhbW37lBS3PtLfvB2NuHSArdxxDlTP9Xvhy247wjToVU2R hQ7TDF3kE8gG8mu0PPaJymL9+nEAEQEAAcLAXwQYAQgACQUCWD8+JwIbDAAKCRADo+5hVAbw j2gDB/9HMDAwMZBD6Z5UxLPsJfPsL1dUvlRVYBhVO9pb2/i3o2DY2ShGehEDU6tT9lSJU9o2 emF244IJyDE0OaDNRJWGcM58xg5XeSMeDfyCYXJEbNk0uGHTnrWDyWV0wydMIFqVRM+Razuv z+Uzai9kznyA+hbKrFE6STYVVKyVElKVr+JrIQXnUDFGBfoTaBohU/eFrwLa7J3uEW1h+PPz VENlpI+LO8Z3H0LwwIPs+0Xveq9I+LwmJ0AFrm5hg9THrddL8aLGVSpIg1chaj/0o6CnLa2D uqDEfvVsLDrvE+gJY+6BPxp+MaGVnGZFJtLRYO9U6M1pUQR65WwkXzLMpjJy
Message-ID: <294b4728-e1e8-07f6-db6e-245a7fac6220@eff.org>
Date: Fri, 07 Sep 2018 16:48:39 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1
MIME-Version: 1.0
In-Reply-To: <CABcZeBP95mUro1MO=omM7PYHC9i7v9PoohuxfNK9tPSHmwwUgQ@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------BDA22F51F8953B136B76A4DD"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/4Ro-7G5lJNqGeSxNZQteIAMCRJQ>
Subject: Re: [Acme] ACME breaking change: Most GETs become POSTs
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 07 Sep 2018 23:48:43 -0000

Hello all,

Just read through the discussion, hope I've misunderstood something
here! Here goes:

Domains that could be correlated in this way can probably already be
correlated.

If someone's in a position to watch traffic going *from* a server trying
to authenticate, they can certainly watch traffic going *to* that
server, and note the various domain names being hosted on that server
(since no encrypted sni :( ). And they could almost certainly get that
same information from a reverse DNS, as well.

You can't use precisely that method for phone numbers and contact email
addresses, to be sure.

But we might be overestimating the amount of privacy protection we're
giving here; we don't want to be in a position of trying to protect
something that's public information.

Best,
Erica


On 09/06/2018 09:03 AM, Eric Rescorla wrote:
> This is a pretty substantive change and I think this does need to have
> a short IETF-LC. Why don't you produce a new draft and let me know
> when you believe the WG has consensus
> -Ekr
>
>
> On Thu, Sep 6, 2018 at 8:50 AM, Salz, Rich
> <rsalz=40akamai.com@dmarc.ietf.org
> <mailto:rsalz=40akamai.com@dmarc.ietf.org>> wrote:
>
>     We have already had some discussion on this.  I do not want to
>     reset the WGLC.  Please take a look at the PR, it addresses issue
>     that were brought up during IESG review.
>
>      
>
>     If you have objections or concerns, please reply by the end of
>     next week, 14 sep.
>
>      
>
>     *From: *Richard Barnes <rlb@ipv.sx>
>     *Date: *Thursday, September 6, 2018 at 11:02 AM
>     *To: *"acme@ietf.org <mailto:acme@ietf.org>" <acme@ietf.org
>     <mailto:acme@ietf.org>>
>     *Cc: *"<acme-chairs@ietf. org>" <acme-chairs@ietf.org
>     <mailto:acme-chairs@ietf.org>>, Eric Rescorla <ekr@rtfm.com
>     <mailto:ekr@rtfm.com>>, Adam Roach <adam@nostrum.com
>     <mailto:adam@nostrum.com>>
>     *Subject: *Re: [Acme] ACME breaking change: Most GETs become POSTs
>     *Resent-From: *<alias-bounces@ietf.org
>     <mailto:alias-bounces@ietf.org>>
>     *Resent-To: *Rich Salz <rsalz@akamai.com
>     <mailto:rsalz@akamai.com>>, Yoav Nir <ynir.ietf@gmail.com
>     <mailto:ynir.ietf@gmail.com>>
>     *Resent-Date: *Thursday, September 6, 2018 at 11:02 AM
>
>      
>
>     After the weekend's discussions, I've updated the PR to reflect
>     what I understand to be emerging agreement on these topics:
>
>      
>
>     ISSUE 1. Should we do POST-as-GET at all, vs. keeping GET and
>     doing the privacy analysis?
>
>     PROPOSED RESOLUTION: Yes.
>
>      
>
>     ISSUE 2: How should we signal that POST-as-GET request is
>     different from other POST requests?
>
>     PROPOSED RESOLUTION: A JWS with a zero-octet payload ("")
>
>      
>
>     ISSUE 3: Should servers be required to allow GET requests for
>     certificate URLs?
>
>     PROPOSED RESOLUTION: No, but they MAY
>
>      
>
>     ISSUE 4: How should we address the risk that an attacker can
>     discover URLs by probing for Unauthorized vs. Not Found?
>
>     PROPOSED RESOLUTION: Security considerations that recommend
>     non-correlatable URL plans
>
>      
>
>     https://github.com/ietf-wg-acme/acme/pull/445
>     <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_ietf-2Dwg-2Dacme_acme_pull_445&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=0WrTFNH1Dw6ptcTgU6p4wrd1zn3ZVatHDOrx8DbEWUM&s=ARyNYl3lxrI8cMqtfkMceBinUqRQmbZiPk8NXJWj3O0&e=>
>
>      
>
>     Adam: Is this looking like an approach that would satisfy your
>     DISCUSS?
>
>      
>
>     Chairs / EKR: How would you like to proceed on closing this out? 
>     What are the next process steps?
>
>      
>
>      
>
>     On Fri, Aug 31, 2018 at 6:08 PM Richard Barnes <rlb@ipv.sx> wrote:
>
>         Hey all,
>
>          
>
>         This thread forked into a couple of different issues, so I
>         wanted to post a little end-of-day summary of the issues and
>         where we stand.  I've updated the PR [1] to reflect most of
>         today's discussion.
>
>          
>
>         ===
>
>          
>
>         ISSUE 1. Should we do POST-as-GET at all, vs. keeping GET and
>         doing the privacy analysis?
>
>          
>
>         It seems like there's pretty strong agreement that we should
>         get rid of GET, as the architecturally cleanest option.
>
>          
>
>         ===
>
>          
>
>         ISSUE 2: How should we signal that POST-as-GET request is
>         different from other POST requests?
>
>          
>
>         The current PR signals this by sending a JWS with an empty
>         (zero-octet) payload, instead of a JSON object.  Jacob and
>         Daniel suggested that we should instead use the payload being
>         an empty JSON object as the signal.  An earlier draft PR used
>         a field in the protected header.
>
>          
>
>         ===
>
>          
>
>         ISSUE 3: Should servers be required to allow GET requests for
>         certificate URLs?
>
>          
>
>         I had proposed this earlier today; Jacob and Daniel pushed
>         back.  I have implemented a compromise in the latest PR, where
>         servers MAY accept GET requests.
>
>          
>
>         ===
>
>          
>
>         ISSUE 4: How should we address the risk that an attacker can
>         discover URLs by probing for Unauthorized vs. Not Found?
>
>          
>
>         There seemed to be agreement on the list that this should be
>         addressed with some guidance to servers on how to assign
>         URLs.  I have just added some text to the PR for this.
>
>          
>
>         ===
>
>          
>
>         It seems to me we're pretty much closed on the first issue,
>         and the other three are still open.  Please send comments, so
>         we can resolve this issue and get the document back in motion!
>
>          
>
>         Thanks,
>
>         --Richard
>
>          
>
>         [1] https://github.com/ietf-wg-acme/acme/pull/445
>         <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_ietf-2Dwg-2Dacme_acme_pull_445&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=0WrTFNH1Dw6ptcTgU6p4wrd1zn3ZVatHDOrx8DbEWUM&s=ARyNYl3lxrI8cMqtfkMceBinUqRQmbZiPk8NXJWj3O0&e=>
>
>          
>
>         On Thu, Aug 30, 2018 at 7:20 PM Jacob Hoffman-Andrews
>         <jsha@eff.org <mailto:jsha@eff.org>> wrote:
>
>             ACME currently has unauthenticated GETs for some
>             resources. This was
>             originally discussed in January 2015[1]. We decided to put
>             all sensitive
>             data in the account resource and consider all GET
>             resources public, with
>             a slant towards transparency.
>
>             Adam Roach recently pointed out in his Area Director
>             review that even
>             when the contents of GET URLs aren’t sensitive, their
>             correlation may
>             be. For instance, some CAs might consider the grouping of
>             certificates
>             by account to be sensitive.
>
>             Richard Barnes proposes[2] to change all GETs to POSTs
>             (except directory
>             and new-nonce). This will be a breaking change. Clients
>             that were
>             compatible with previous drafts, informally called ACMEv1
>             and ACMEv2,
>             will not be compatible with a draft that mandates POSTs
>             everywhere. It
>             will be a painful change, since the ecosystem just started
>             switching to
>             ACMEv2, which looked to be near-final.
>
>             I think this is the right path forwards. ACME will be a
>             simpler, better
>             protocol long-term if all requests are authenticated.
>             However, if we’re
>             taking this path we should aim to come to consensus and
>             land the final
>             spec quickly to reduce uncertainty for ACME client
>             implementers.
>
>             [1]
>             https://github.com/letsencrypt/acme-spec/pull/48#issuecomment-70169712
>             <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_letsencrypt_acme-2Dspec_pull_48-23issuecomment-2D70169712&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=0WrTFNH1Dw6ptcTgU6p4wrd1zn3ZVatHDOrx8DbEWUM&s=-4g1lhzE_4QDBMJ-WyE17zBBm61tdp2A-ImhSpqHet4&e=>
>             [2] https://github.com/ietf-wg-acme/acme/pull/445/files
>             <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_ietf-2Dwg-2Dacme_acme_pull_445_files&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=0WrTFNH1Dw6ptcTgU6p4wrd1zn3ZVatHDOrx8DbEWUM&s=LoHY-1DpWoqgeBKRrhoq2l8n4_M01eB2qOjY9yUEaRA&e=>
>
>             _______________________________________________
>             Acme mailing list
>             Acme@ietf.org <mailto:Acme@ietf.org>
>             https://www.ietf.org/mailman/listinfo/acme
>             <https://urldefense.proofpoint.com/v2/url?u=https-3A__www.ietf.org_mailman_listinfo_acme&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=0WrTFNH1Dw6ptcTgU6p4wrd1zn3ZVatHDOrx8DbEWUM&s=-4LvMdxd6Cmfi4d1ClEC2VFM8ndqUtWVEkoSNvTrg2M&e=>
>
>
>     _______________________________________________
>     Acme mailing list
>     Acme@ietf.org <mailto:Acme@ietf.org>
>     https://www.ietf.org/mailman/listinfo/acme
>     <https://www.ietf.org/mailman/listinfo/acme>
>
>
>
>
> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme

v2.23.0 | Report a Bug | By Email