Re: [Acme] Spec change to allow retrieval of Terms of Service URL
Matthew Holt <matthew.holt@gmail.com> Mon, 21 December 2015 23:02 UTC
Return-Path: <matthew.holt@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F01361ACE54 for <acme@ietfa.amsl.com>; Mon, 21 Dec 2015 15:02:53 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.701
X-Spam-Level:
X-Spam-Status: No, score=0.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VMleejuEHrQe for <acme@ietfa.amsl.com>; Mon, 21 Dec 2015 15:02:45 -0800 (PST)
Received: from mail-yk0-x236.google.com (mail-yk0-x236.google.com [IPv6:2607:f8b0:4002:c07::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A62F01ACE53 for <acme@ietf.org>; Mon, 21 Dec 2015 15:02:45 -0800 (PST)
Received: by mail-yk0-x236.google.com with SMTP id v6so146179555ykc.2 for <acme@ietf.org>; Mon, 21 Dec 2015 15:02:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :content-type; bh=MSHsQMKctm+5ZwfS2B/GtatlzrqFMaTKM9ucudjDrzE=; b=Se4pPp4O897nP0uN5Y8TQGVjhCMWQWerLU2jnjXaM8fgUarNfTsKkPAGen/JgWYwIc P9WOkUZSDBy8WH4C2hraK8A859cb7/8c+D69f1td/ShBZfdd1qXa+jsBy+a8RHVw34wk qdAICYnhaijcXwiS5DR4/G8hYIShFTQxtr++Jpy38TbVSPZnqEttBExTgJbAHKnkeO+3 OGJZAEwQhinUXgS64cL/uZboX4FPoVfvFB9rHjhtN/07v9E953mrQK4NaMZr3Xl7CFjf MkAqH/GB/nuWF3pprpPQLFURAj30e916AAEekx6BN/PnKzi09FIKXWPhHOW73EIPXAnY mUEw==
X-Received: by 10.129.107.8 with SMTP id g8mr16725422ywc.13.1450738964970; Mon, 21 Dec 2015 15:02:44 -0800 (PST)
MIME-Version: 1.0
References: <CAPWFDXWx-STKyM-wUvg78onZyh7vROxXm0_8g2+6n79v9Qc+cQ@mail.gmail.com> <87mvuknf8u.fsf@alice.fifthhorseman.net> <CAPWFDXU9n2LZg9-i2+3ehXw+W-7YU8nDbucxdoHkxFcz2F+thg@mail.gmail.com> <876116op8s.fsf@alice.fifthhorseman.net>
In-Reply-To: <876116op8s.fsf@alice.fifthhorseman.net>
From: Matthew Holt <matthew.holt@gmail.com>
Date: Mon, 21 Dec 2015 23:02:35 +0000
Message-ID: <CAPWFDXVp5ybDD1uputJmsc7cDk5L_nTdpiuiNAL3a7pBZ0G7zw@mail.gmail.com>
To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, acme@ietf.org
Content-Type: multipart/alternative; boundary="001a1147399cab45a40527707c56"
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/Kma0K2G9rIVtfHoYu0J-7ycPqHU>
Subject: Re: [Acme] Spec change to allow retrieval of Terms of Service URL
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 21 Dec 2015 23:02:54 -0000
On Thu, Nov 12, 2015 at 2:57 PM Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > On Thu 2015-11-12 10:30:44 -0500, Matthew Holt wrote: > > If the client leaves it up to the user to follow the link, then the > format > > shouldn't matter in terms of the ACME spec; it is up to the document > > renderer (browser) to do so safely and correctly. > > if the spec has any implications that the user is agreeing to something > by proceeding with the process, then the spec needs to be really clear > what it means. If a document is unreadable by a user with (for example) > a browser that declines to execute javascript, or a browser cannot > access third-party resources, then the spec is encouraging both parties > (subscribers and CAs) to lie to each other. > Already, the spec has provisions for a link to terms (sec. 6.3) and that's the extent of it. There's no need for the specification to imply that _continuing_ the process signifies agreement; the client can take care of that. And I don't see why the spec can't be agnostic about the Content-Type it links to; it's between the client, the user, and the server to negotiate agreements; the spec can merely facilitate the means. How exactly the user agrees to the terms set by the user is irrelevant to the specification. > > > If the client were to actually download and show the document to the > user, > > then yes, plain text would be much better. Most terminal-based clients > will > > probably not want to show the full legal terms in the terminal window, > but > > would prefer a link. Simpler, less screen space required, accomplishes > same > > goal. > > They don't appear to accomplish the same goal to me. Maybe we need to > spell out what the goal is more explicitly? > The goal is simply this: If the server requires agreement to terms, there should be a way to link to the current terms from the directory without having to perform a transaction that attempts to mutate state. Hope that makes more sense. > > >> b) That the resource fetched from that URL will never change. I don't > >> want to retrieve the URL at time T, display it to the user, and then > >> have the user continue the process at time T+2 when the document > >> changed at time T+1. > > > > That's the idea. The URL to that version of the document should never > > change (ideally, but I suppose that is up to the CAs), but if it does, it > > means there is a new document, i.e. updated terms, the user must agree > to. > > So the URL would be assumed to be a key or token value representing the > > actual legal text; if it changes, the user should be re-prompted. > > If the intent is to be able to update the terms of service in > continuance of the subscriber relationship, then the immutability of the > provided statement needs to be much more carefully spelled out. > > Terms of Service, notice, and consent are complex problems with effects > going all the way up the stack to layer 9. If ACME proposes to treat > them as in-scope for the specification, we need to be careful and > explicit about how they're being tied in. > > I know "the IETF does not do UI", but we need to describe at least the > semantics of tasks that the UI needs to perform on behalf of the > subscriber (or, possibly, of the CA) if we expect this additional field > to be a meaningful part of the protocol. > If ACME is to facilitate automation, then it should take into account the legal barriers. Since certificates are often used with long-running processes (web and mail servers), the end user may not be physically present when a transaction takes place. If an ACME server is going to forbid requests due to agreement error, it would be helpful to know that before the user goes away. Hopefully this makes sense; I've run into this problem in developing a long-running ACME client. But I believe this problem has already been resolved in another discussion. What I'm trying to get at is a way of getting the ToS URL "for free" without having to invoke any other action on the server. Matt
- [Acme] Spec change to allow retrieval of Terms of… Matthew Holt
- Re: [Acme] Spec change to allow retrieval of Term… Daniel Kahn Gillmor
- Re: [Acme] Spec change to allow retrieval of Term… Yoav Nir
- Re: [Acme] Spec change to allow retrieval of Term… Matthew Holt
- Re: [Acme] Spec change to allow retrieval of Term… Daniel Kahn Gillmor
- Re: [Acme] Spec change to allow retrieval of Term… Matthew Holt
- Re: [Acme] Spec change to allow retrieval of Term… Richard Barnes
- Re: [Acme] Spec change to allow retrieval of Term… Richard Barnes
- Re: [Acme] Spec change to allow retrieval of Term… Matthew Holt