Re: [Acme] [Technical Errata Reported] RFC8555 (6950)
Deb Cooley <debcooley1@gmail.com> Fri, 05 January 2024 12:14 UTC
Return-Path: <debcooley1@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 89F8AC14F6B8 for <acme@ietfa.amsl.com>; Fri, 5 Jan 2024 04:14:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.854
X-Spam-Level:
X-Spam-Status: No, score=-1.854 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id p0O6dLQktxwv for <acme@ietfa.amsl.com>; Fri, 5 Jan 2024 04:14:44 -0800 (PST)
Received: from mail-il1-x135.google.com (mail-il1-x135.google.com [IPv6:2607:f8b0:4864:20::135]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 031D8C151069 for <acme@ietf.org>; Fri, 5 Jan 2024 04:14:43 -0800 (PST)
Received: by mail-il1-x135.google.com with SMTP id e9e14a558f8ab-36074b286d8so921165ab.1 for <acme@ietf.org>; Fri, 05 Jan 2024 04:14:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1704456883; x=1705061683; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=EMYnvLp/LZ265WQymwmboG4DruHdnWMPR1VPV8KCfRs=; b=L35ZfW5Myp3IsQ7YLiS+FIkHw3XnLBew8q8GYkn2L2JG4Jkr+HdbLIrZwe5MXZyqvh xJ9tKSwGZF9EVicP7oR0DgIWmQheEmC015vB7QwEP/fosJHDLEcGfI4u9YTcetuaZY7O tmxKjC3Qp97lXFEh5rD/oR/0hSByiEasLmjNMn0seqHdcNn42OUWwdrMgTdzFFd9Gp8S /lQ/JvMxzOSpahjmnEFeEkAcwIH92YZVO+HTZYe+HwScVddKIIy4YD02HBvPwE/w3tGF V9WKs00yzMv1ej7659rFOpDliz2GAGnCBSvFQczUR5CH09eiM6zWFVdBXq+crhxdCgoz 3Qiw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1704456883; x=1705061683; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=EMYnvLp/LZ265WQymwmboG4DruHdnWMPR1VPV8KCfRs=; b=kzMmEMDsi6OqVdlEkUGJSfBrIzmcZdKL+3yzp7xAhGERw/iERYKNBSYMCZ/EVNTa9c ZhxNUM9Szrpcluq9FGby3u+dvCfswRYnr8j6g7QOG0mv+sBHHOx8O+fSvxFuB9+0hrfV EOLkFdmYdJej78Ar/w9t3I2AyZG31cxkciIJe8IkyAf7qUiRog6r1/7AU6KJRgYNg1ml Xudng+Q3X8y1bm88wqT1fPYsZdNpC6kNtUiZNh3nb5FvIAEqUk1QWKuqmn8k4GkEJ04w 3UbnwP8c9ocaqdM4AtVitUFxDZZ5ITH8xjMoZuL2pbby8lnWe289LIKCaweMOjtQF1vb T5IQ==
X-Gm-Message-State: AOJu0Yy/IDVOJ5YpzPNCBDGdoB7mXj3bUGagUdz9FzE7goMqdp8xHZ/l lFicg6I6fPmWopY30tTdv/H6ZTm/5dZviMh9Lw==
X-Google-Smtp-Source: AGHT+IHQZPtRcyXZm7KYKyyFdb5lTHy/CteZ96EBnIC0va8d1IBOhQQOOZRQ1f2VmRSdUPG7RyWU66l0dktT1ZZiQzE=
X-Received: by 2002:a05:6e02:20c8:b0:35f:f25b:6bba with SMTP id 8-20020a056e0220c800b0035ff25b6bbamr2126011ilq.13.1704456882761; Fri, 05 Jan 2024 04:14:42 -0800 (PST)
MIME-Version: 1.0
References: <20220502083134.BDA48E5311@rfcpa.amsl.com> <CAGgd1OeY01bGe+mgNo-UjjcFyYKGVLaBPgDFOJG1dusE+R9m-Q@mail.gmail.com>
In-Reply-To: <CAGgd1OeY01bGe+mgNo-UjjcFyYKGVLaBPgDFOJG1dusE+R9m-Q@mail.gmail.com>
From: Deb Cooley <debcooley1@gmail.com>
Date: Fri, 05 Jan 2024 07:14:19 -0500
Message-ID: <CAGgd1OetWp7k-dbRTNr4XT3K+seZGsWgO2rsMghYhXTefy+SJA@mail.gmail.com>
To: rlb@ipv.sx, jsha@eff.org, jdkasten@umich.edu
Cc: rdd@cert.org, ynir.ietf@gmail.com, lloyd.wood@yahoo.co.uk, acme@ietf.org, RFC Errata System <rfc-editor@rfc-editor.org>
Content-Type: multipart/alternative; boundary="000000000000083b75060e31cb0d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/L-ZUyW5Xu81bARVOg8CisxiD15A>
Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (6950)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Jan 2024 12:14:48 -0000
I did some reading, some consulting, and some pondering. I want to reject
this errata.
1. The original paragraph:
token (required, string): A random value that uniquely identifies
the challenge. This value MUST have at least 128 bits of entropy.
It MUST NOT contain any characters outside the base64url alphabet
and MUST NOT include base64 padding characters ("="). See
[RFC4086] for additional information on randomness requirements.
In my opinion this is sufficient. It specifies how much entropy (w/ a
ref), and specifies what cannot be included (padding, non-base54
characters).
Let me know if you have other thoughts.
Deb
On Thu, Jan 4, 2024 at 7:41 AM Deb Cooley <debcooley1@gmail.com> wrote:
> opinions? Does entropy have to be measured as a base64 encoded value?
>
> Deb
>
> On Mon, May 2, 2022 at 4:31 AM RFC Errata System <
> rfc-editor@rfc-editor.org> wrote:
>
>> The following errata report has been submitted for RFC8555,
>> "Automatic Certificate Management Environment (ACME)".
>>
>> --------------------------------------
>> You may review the report below and at:
>> https://www.rfc-editor.org/errata/eid6950
>>
>> --------------------------------------
>> Type: Technical
>> Reported by: Lloyd Wood <lloyd.wood@yahoo.co.uk>
>>
>> Section: GLOBAL
>>
>> Original Text
>> -------------
>> token (required, string): A random value that uniquely identifies
>> the challenge. This value MUST have at least 128 bits of entropy.
>>
>> Corrected Text
>> --------------
>> token (required, string): A random value that uniquely identifies
>> the challenge. This value MUST have at least 128 bits of entropy,
>> which in the
>> base64url alphabet means a minimum string length of 22 characters
>> if the full
>> scope of the base64url alphabet is in use in the token, by:
>> log2(64^22) = 132 bits of entropy
>>
>>
>>
>> Notes
>> -----
>> This standards-track document doesn't specify the string ramifications
>> for entropy; I'd expect it to be called out to implementers, just the once,
>> and then referred to later at other tokens.
>>
>> If entropy is log2 the number of possible characters (64 if full
>> base64url set of chars is in use) then
>> log2 (64^21) = 126
>> log2 (64^22) = 132
>>
>> so a minimum of 22 characters are needed to get a minimum of 128 bits of
>> entropy in the token.
>>
>> But, if the random value is specified using a subset of the base64url,
>> say because the implementer doesn't like or use CAPITALS or (most likely)
>> the punctuation symbols, then the token must necessarily be longer to meet
>> the local implementer entropy requirement (though just losing only the
>> punctuation marks means you're still good and meet the requirement with 22
>> characters). Not sure that matters so much on the wire.
>>
>> I also have editing nits about base64url being defined clearly in ABNF
>> just for Replay-Nonce:, but then both 'base64 alphabet' and 'base64url
>> alphabet' are in use in the document, and base64url references are to
>> RFC4648 via RFC7515, but those are to Base64url, not to base64url... it all
>> seems a bit inconsistent editingwise. So all the references to 'base64
>> alphabet' should be to 'base64url alphabet' as defined in the doc, but it
>> should really be 'Base64url alphabet' to be consistent with references?
>>
>> (I really think that it should have been called 'Base-64_url alphabet'
>> way back when to enphasise the punctuation use, but that ship has sailed.)
>>
>> To me, 'base64 alphabet' is the a-zA-Z subset of base64... I think the
>> document could be much clearer in this regard, and I hope any doc revisions
>> taking into account all the other errata raised consider this too.
>>
>> My thanks to Lee Maguire for pointing much of this out.
>>
>> Instructions:
>> -------------
>> This erratum is currently posted as "Reported". If necessary, please
>> use "Reply All" to discuss whether it should be verified or
>> rejected. When a decision is reached, the verifying party
>> can log in to change the status and edit the report, if necessary.
>>
>> --------------------------------------
>> RFC8555 (draft-ietf-acme-acme-18)
>> --------------------------------------
>> Title : Automatic Certificate Management Environment (ACME)
>> Publication Date : March 2019
>> Author(s) : R. Barnes, J. Hoffman-Andrews, D. McCarney, J.
>> Kasten
>> Category : PROPOSED STANDARD
>> Source : Automated Certificate Management Environment
>> Area : Security
>> Stream : IETF
>> Verifying Party : IESG
>>
>
- [Acme] [Technical Errata Reported] RFC8555 (6950) RFC Errata System
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Deb Cooley
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Salz, Rich
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… lloyd.wood
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Deb Cooley
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Deb Cooley
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Thomas Lußnig
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Jacob Hoffman-Andrews
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… Lloyd W
- Re: [Acme] [Technical Errata Reported] RFC8555 (6… John Scudder