IETF Logo Mail Archive

Re: [Acme] ACME signature mechanics

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 17 December 2014 20:28 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 213E11A8F4E for <acme@ietfa.amsl.com>; Wed, 17 Dec 2014 12:28:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RZBT5X6AKxKU for <acme@ietfa.amsl.com>; Wed, 17 Dec 2014 12:28:29 -0800 (PST)
Received: from mail-la0-x233.google.com (mail-la0-x233.google.com [IPv6:2a00:1450:4010:c03::233]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5AC331A8764 for <acme@ietf.org>; Wed, 17 Dec 2014 12:28:29 -0800 (PST)
Received: by mail-la0-f51.google.com with SMTP id ms9so13796731lab.10 for <acme@ietf.org>; Wed, 17 Dec 2014 12:28:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=NOnv/r9Bl/mykS4HfoD5IAfeHI4YYnjzPIUm4S1KjSE=; b=fhKNHlKB1LlDzo+m28AE5dSRmjm2FiliIJJdzF/igjHzCyOOVT8UgW1Pbli9tY+5tC xl9TwTVe/ox368XlB4++vkYB0HEsPYcFCYuOKKCJyxsa+4NpAIxWEtzTIt4HABbzY8vN MeCJPOaDeqb/IousmUSYaNsoNJOsxiI/2XvEQkRqe9u7vhHbkul4/6wO1ic0X7Bmi7H0 Ov4/fWrLHiJjqy98cKkleyRl820sG7lsIRG0u8GTNd8umqVV5yocsygo99H80dbSwvTU NOwkPKg5wS1oflA15DcLuvN0HzGxGSV4DGohl+PtW0jdB9P7qoYweBv9L9/D+jBJrGGZ qFbw==
MIME-Version: 1.0
X-Received: by 10.112.55.97 with SMTP id r1mr32637803lbp.49.1418848107874; Wed, 17 Dec 2014 12:28:27 -0800 (PST)
Sender: hallam@gmail.com
Received: by 10.112.19.42 with HTTP; Wed, 17 Dec 2014 12:28:27 -0800 (PST)
In-Reply-To: <20141217171915.GX3241@localhost>
References: <548FF9E3.1020703@gmail.com> <CAL02cgT9iYqtX2Ui5XQYnj=yeF_QnSkKn-jE0D5d56WMzB5bBg@mail.gmail.com> <CAMm+LwjwG0dPTkByu5WZ_ev3xNxAMwunoc-A_VK4sKPSZXRYDw@mail.gmail.com> <20141217171915.GX3241@localhost>
Date: Wed, 17 Dec 2014 15:28:27 -0500
X-Google-Sender-Auth: wrb9b-DdbfLBRYJtiuax4QbJcrI
Message-ID: <CAMm+LwjRk_skCW4bJ607YzeVrCN71o=p4gmzy0koYty-J7L2yQ@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Nico Williams <nico@cryptonector.com>
Content-Type: multipart/alternative; boundary="001a11c3f16a75ceb8050a6f5135"
Archived-At: http://mailarchive.ietf.org/arch/msg/acme/Kl2jsjeii9V2rxAf5TlXYcnfIWs
Cc: Richard Barnes <rlb@ipv.sx>, "acme@ietf.org" <acme@ietf.org>, Anders Rundgren <anders.rundgren.net@gmail.com>
Subject: Re: [Acme] ACME signature mechanics
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Dec 2014 20:28:31 -0000

On Wed, Dec 17, 2014 at 12:19 PM, Nico Williams <nico@cryptonector.com>
wrote:
>
> On Wed, Dec 17, 2014 at 12:02:10PM -0500, Phillip Hallam-Baker wrote:
>
> That does leave two open issues to be decided though:
> >
> > 1 Should the signature header be part of the HTTP header or the payload?
>
> The payload.  And then you've created a new MIME type.


*message/rfc822*


> > I have a marginal preference for making the signature header part of the
> > HTTP header because that is how most Web servers and support libraries
> are
> > designed to work. They make it really easy to pull data out of a header.
> On
> > many platforms the RFC822 tag value pairs are automatically mapped to
> > corresponding data structures.
>
> I'd rather it be in the payload because then you have less dependence on
> the transport.  E.g., if you're using an IPC mechanism in your server
> implementation, with a less-privileged front-end passing validated
> payloads to a more-privileged back-end.


Well so long as the payload is divided into a header portion and a payload
portion, I am fine.

In fact we could even make both the header and the payload portion JSON
encoded and then just use the JSON list spec to put them both in the same
wrapper. The only hard part here is that we have a sequence of octets and
we need to unambiguously specify exactly where the dividing line is between
them:

{ <header JSON> } CR LF CR LF { <payload JSON> }

I am perfectly happy with any one of the following, or with additional
control characters thrown in to season the pot if you really must. But I am
really insistent that there be exactly one choice:

Header = [ { <header JSON> } ]
Payload = [ CR LF CR LF { <payload JSON> } ]

Header = [ { <header JSON> } CR LF ]
Payload = [  CR LF { <payload JSON> } ]

Header = [ { <header JSON> } CR LF CR LF ]
Payload = [ { <payload JSON> } ]

Header = [ { <header JSON> } WS* ]
Payload = [ { <payload JSON> } ]


The third is consistent with the approach for HTTP, the last is probably
the easiest to implement and is a superset of the third. The only problem
is that then this approach only works for JSON payloads.



> > There is an argument for making the signature part of the payload though.
> > It is not a HTTP protocol header, it is content metadata and these should
> > have always been kept separate.
>
> Exactly.

v2.23.0 | Report a Bug | By Email