[Acme] Hash algorithms for challenges

Logan Widick <logan.widick@gmail.com> Tue, 07 March 2017 22:40 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/EyB-H9PKXN72zLsyiT8pIzPh-R0>

I noticed that the challenges in the draft seem to be tied to the same
hash algorithm (SHA-256). Would it be possible to have the server
include an array of supported hash algorithms, and then have the
client specify which one of the server's supported algorithms is used
in the response? This way, the hash algorithms can be changed when
needed without changing the challenges themselves.

For example, consider the following directory, modified to include the
server's supported hash algorithms:
{
  "new-nonce": "https://example.com/acme/new-nonce",
  //other standard URIs here
  "meta": {
    "terms-of-service": "https://example.com/acme/terms",
    "website": "https://www.example.com/",
    "caa-identities": ["example.com"],
    "hash-algorithms": ["SHA-256", "SHA-512"]
  }
}

Alternatively, the server's hash algorithms could be included in the
challenges, like this:
{
   "type": "http-01",
   "url": "https://example.com/authz/1234/0",
   "token": "DGyRejmCefe7v4NfDGDKfA",
   "hash-algorithms":["SHA-256", "SHA-512"]
}

Then, the client indicates the preferred hash algorithm (from the
server's list) in the response:
{
  "protected": base64url({
    "alg": "ES256",
    "kid": "https://example.com/acme/acct/1",
    "nonce": "Q_s3MWoqT05TrdkM2MTDcw",
    "url": "https://example.com/acme/authz/asdf/0"
  }),
  "payload": base64url({
    "type": "http-01",
    "keyAuthorization": "IlirfxKKXA...vb29HhjjLPSggwiE",
    "hash-algorithm": "SHA-256"
  }),
  "signature": "9cbg5JO1Gf5YLjjz...SpkUfcdPai9uVYYQ"
}

For compatibility with existing implementations, the default hash
algorithm if none is specified could be SHA-256.

Sincerely,

Logan Widick
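
An added example, not part of the original message or of the ACME draft: a server-side check for the negotiation proposed above, which accepts only a hash the server advertised and applies the same check to the SHA-256 default. It assumes the negotiated hash replaces SHA-256 in the JWK thumbprint inside the key authorization; the key values and the names `SERVER_HASHES`, `select_hash` and `verify_response` are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

# Hashes this (hypothetical) server can verify, keyed by the proposal's names.
SERVER_HASHES = {"SHA-256": hashlib.sha256, "SHA-512": hashlib.sha512}
DEFAULT_HASH = "SHA-256"  # fallback the message proposes for existing clients

# Constructed sample data: challenge object from the message, made-up EC key.
CHALLENGE = {"type": "http-01", "token": "DGyRejmCefe7v4NfDGDKfA",
             "hash-algorithms": ["SHA-256", "SHA-512"]}
ACCOUNT_JWK = {"kty": "EC", "crv": "P-256", "x": "c2FtcGxlLXg", "y": "c2FtcGxlLXk"}


def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def select_hash(advertised, payload):
    """Pick the hash named in the client's response, or raise ValueError."""
    name = payload.get("hash-algorithm", DEFAULT_HASH)
    # The default is checked too: if SHA-256 is ever withdrawn, a response
    # that omits the field must fail rather than silently use it.
    if not isinstance(name, str) or name not in advertised or name not in SERVER_HASHES:
        raise ValueError("hash algorithm not offered: %r" % (name,))
    return name


def jwk_thumbprint(jwk, hash_name):
    """RFC 7638 canonical form of an EC key, hashed with the chosen algorithm."""
    required = {k: jwk[k] for k in ("crv", "kty", "x", "y")}
    canonical = json.dumps(required, sort_keys=True, separators=(",", ":"))
    return b64url(SERVER_HASHES[hash_name](canonical.encode("utf-8")).digest())


def verify_response(challenge, jwk, payload):
    """Return the hash name used if keyAuthorization matches, else raise."""
    name = select_hash(challenge["hash-algorithms"], payload)
    expected = challenge["token"] + "." + jwk_thumbprint(jwk, name)
    supplied = str(payload.get("keyAuthorization", ""))
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        raise ValueError("keyAuthorization does not match for " + name)
    return name
```
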