IETF Logo Mail Archive

Re: [Acme] Fixing the TLS-SNI challenge type

Daniel McCarney <cpu@letsencrypt.org> Fri, 19 January 2018 14:51 UTC

Return-Path: <dmccarney@letsencrypt.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F03D112D95E for <acme@ietfa.amsl.com>; Fri, 19 Jan 2018 06:51:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=letsencrypt.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5DI01lKX6_8r for <acme@ietfa.amsl.com>; Fri, 19 Jan 2018 06:51:42 -0800 (PST)
Received: from mail-io0-x235.google.com (mail-io0-x235.google.com [IPv6:2607:f8b0:4001:c06::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9296012D961 for <acme@ietf.org>; Fri, 19 Jan 2018 06:51:34 -0800 (PST)
Received: by mail-io0-x235.google.com with SMTP id l17so2414196ioc.3 for <acme@ietf.org>; Fri, 19 Jan 2018 06:51:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=letsencrypt.org; s=google; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to:cc; bh=WyYKaWLE0Vf98FtsL7upW9nj1yOSMKUL/LK4pulIt5g=; b=BEeUzJnseLyWZ2fa+rmDylSU1Zt/iCzVxSXTLcNar63VfBtjjP0jTwUobkiaBwS06i QUYVKb5jY8qnepIi1OSXNasE4U2YcNBLFSBqlhWKZyWoEG21rBDLWN7To9Up7R9lPnrx dAwXpjqfTD3Y2pDr72l5uOFZpddW10onVHPCc=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc; bh=WyYKaWLE0Vf98FtsL7upW9nj1yOSMKUL/LK4pulIt5g=; b=GZOAm+pGrywdL7exCmc4gN0A9knVIE2Hxk/C6Ckp6IOdSwA5zk6cwhDBREGXn66fIL tRSgSmjDZ4IEhcMDNs4IKtKV2uxWtczYKX3Z4xvUZ8D4z/z98s6ds9sZ9gaCaI3n3iTL miil6X9bWnX34U4MRgmBfzbzIOy4ijtc5TRi0ZjVR2sWgYrytlnFAQsZ0RPO/0rO05xd OcpofNNq3zgaq2lZV2PkRR4I5VK4VyizlZbFC/0X39/I8bmgChX8W4H33FxXcYqg0mdA 7lv/L30b6jSNxuE64RyvSiejGPTEncc2Zy3X8qM/GnUy+1I9/C+BSOE+p8WTX079fPNX hdnQ==
X-Gm-Message-State: AKwxytd7Fic5pSr9BQNoC8a/437o2SwMaqQ1E8FBxOcyj9swVl9rC20v YdZgUk/xoiHJHpsDqgyB0AjbHYD8b/xFXijNkFDaUA==
X-Google-Smtp-Source: ACJfBounyGQ1yb+I5xTTJuqCEQiwWSvE3LWJS4PEohjLkl0/5nJKZ1cIJhOENWY3PaNsKvpilUGydfJSVHSJwZS0f3I=
X-Received: by 10.107.191.130 with SMTP id p124mr14036542iof.228.1516373493725; Fri, 19 Jan 2018 06:51:33 -0800 (PST)
MIME-Version: 1.0
Reply-To: cpu@letsencrypt.org
Received: by 10.107.8.26 with HTTP; Fri, 19 Jan 2018 06:51:33 -0800 (PST)
In-Reply-To: <CAKnbcLj=eYhm8qRj0B0U5FOu=UMn0wY+5apkJ-aHhhfh+mS-uw@mail.gmail.com>
References: <FC8545A9-4D43-4BCC-ADB1-40A0F92461E8@titanous.com> <F2551BE5-0866-4F03-972E-E223E8D60001@letsencrypt.org> <a506c023-ff44-7f14-71b1-94e4e810cd12@letsencrypt.org> <0603b570-f790-88a7-5514-b324eff4f087@figel.email> <CAKnbcLj=eYhm8qRj0B0U5FOu=UMn0wY+5apkJ-aHhhfh+mS-uw@mail.gmail.com>
From: Daniel McCarney <cpu@letsencrypt.org>
Date: Fri, 19 Jan 2018 09:51:33 -0500
Message-ID: <CAKnbcLj+UaUbu=EDbPU8UWwm9hUefXBKmtS=ZwSy7_2zCA=pmg@mail.gmail.com>
To: Patrick Figel <patrick@figel.email>
Cc: Roland Bracewell Shoemaker <roland@letsencrypt.org>, Jonathan Rudenberg <jonathan@titanous.com>, IETF ACME <acme@ietf.org>
Content-Type: multipart/alternative; boundary="94eb2c07019671091505632237f9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/6599QDs-g5xOtk63zkbJX_VuVds>
Subject: Re: [Acme] Fixing the TLS-SNI challenge type
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 19 Jan 2018 14:51:46 -0000

>
> I agree this approach will limit compatible TLS servers but luckily
> HAProxy should be fully compatible.


Alas, there's nothing like hitting send on a message to a mailing list to
make you think a little bit harder.

I overlooked the fact that it doesn't seem possible to select the
certificate based on the ALPN, just the backend. That's not really the
primary difficulty at hand. I suspect matching the request to the `bind`
with the correct alpn is still going to be problematic if the server needs
to respond to requests for the real identifier with both a certificate and
a challenge response certificate.

I would be happy to be corrected :-)

On Fri, Jan 19, 2018 at 9:43 AM, Daniel McCarney <cpu@letsencrypt.org>
wrote:

> If we use the "real" identifier for SNI, we'd limit that option to web
>> servers that natively support the ALPN value for ACME and can route
>> based on it.
>> Not sure how common this kind of setup is, if it's just a small subset of
>> HAProxy deployments it'd probably not have much of an impact.
>
>
> I agree this approach will limit compatible TLS servers but luckily
> HAProxy should be fully compatible.
>
> HAProxy has a "ssl_fc_alpn"[0] layer 5 fetch method that can be referenced
> in a "use_backend" directive to route based on the negotiated ALPN from the
> handshake. It looks like the feature has been present since HAProxy version
> 1.5 which hopefully means most HAProxy deployments will have access to it.
> As one data-point Ubuntu 16.04 LTS packages HAProxy 1.6.3 and should be
> able to build a ALPN-based routing solution similar to what was done for
> SNI.
>
> [0] - http://cbonte.github.io/haproxy-dconv/1.8/
> configuration.html#7.3.4-ssl_fc_alpn
>
> On Fri, Jan 12, 2018 at 10:29 AM, Patrick Figel <patrick@figel.email>
> wrote:
>
>> On 12.01.18 04:06, Roland Bracewell Shoemaker wrote:
>> > I'm actually going to roll back my thoughts on the SNI value. Thinking
>> > about this more I think it does actually make sense to revert to using
>> > the actual host name here.
>> >
>> > In the initial design of the TLS-SNI challenge the XXX.acme.invalid
>> > value was used as a way to allow servers to dynamically serve both
>> > regular and validation traffic. Since we would be using ALPN here we no
>> > longer need a special SNI value in order to differentiate validation
>> > traffic from regular traffic so this token value is no longer needed.
>>
>> One minor advantage of keeping the current acme.invalid scheme is that
>> it allows people to use SNI-based routing. Web servers like HAProxy
>> allow you to proxy requests (on the TCP layer) based on the SNI value,
>> so you could match "*.acme.invalid" and forward it to a validation
>> server that supports the new challenge and the ALPN ACME protocol, even
>> if the web server itself doesn't. If we use the "real" identifier for
>> SNI, we'd limit that option to web servers that natively support the
>> ALPN value for ACME and can route based on it.
>>
>> Not sure how common this kind of setup is, if it's just a small subset
>> of HAProxy deployments it'd probably not have much of an impact.
>>
>> Patrick
>>
>> [1]:
>> https://www.cloudoptimizedsmb.com/articles/20160409-00/using
>> -haproxy-to-split-letsencrypt-acme-challenges-from-regular-traffic
>>
>> _______________________________________________
>> Acme mailing list
>> Acme@ietf.org
>> https://www.ietf.org/mailman/listinfo/acme
>>
>
>

v2.23.0 | Report a Bug | By Email