IETF Logo Mail Archive

Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf-acme-email-smime-10: (with DISCUSS and COMMENT)

Fraser Tweedale <frase@frase.id.au> Sat, 14 November 2020 04:47 UTC

Return-Path: <frase@frase.id.au>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 00A993A107E; Fri, 13 Nov 2020 20:47:16 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VnZ6F0dg4uwy; Fri, 13 Nov 2020 20:47:14 -0800 (PST)
Received: from mail16.tpgi.com.au (mail16.tpgi.com.au [203.12.160.231]) by ietfa.amsl.com (Postfix) with ESMTP id 4D3973A107D; Fri, 13 Nov 2020 20:47:14 -0800 (PST)
X-TPG-Junk-Status: Message not scanned
X-TPG-Abuse: host=123-243-182-129.static.tpgi.com.au; ip=123.243.182.129; date=Sat, 14 Nov 2020 15:47:07 +1100
Received: from bacardi.hollandpark.frase.id.au (123-243-182-129.static.tpgi.com.au [123.243.182.129]) by mail16.tpgi.com.au (envelope-from frase@frase.id.au) (8.14.3/8.14.3) with ESMTP id 0AE4l5kD021478 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Sat, 14 Nov 2020 15:47:07 +1100
Received: from bacardi.hollandpark.frase.id.au (localhost [127.0.0.1]) by bacardi.hollandpark.frase.id.au (8.15.2/8.15.2) with ESMTPS id 0AE4l4pI071152 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Sat, 14 Nov 2020 14:47:05 +1000 (EST) (envelope-from frase@frase.id.au)
Received: (from fraser@localhost) by bacardi.hollandpark.frase.id.au (8.15.2/8.15.2/Submit) id 0AE4l3bN071151; Sat, 14 Nov 2020 14:47:03 +1000 (EST) (envelope-from frase@frase.id.au)
X-Authentication-Warning: bacardi.hollandpark.frase.id.au: fraser set sender to frase@frase.id.au using -f
Date: Sat, 14 Nov 2020 14:47:03 +1000
From: Fraser Tweedale <frase@frase.id.au>
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: Alexey Melnikov <alexey.melnikov@isode.com>, rsalz@akamai.com, acme@ietf.org, The IESG <iesg@ietf.org>, draft-ietf-acme-email-smime@ietf.org, acme-chairs@ietf.org
Message-ID: <20201114044703.GB1240@bacardi.hollandpark.frase.id.au>
References: <160456339844.32027.10383263330343255957@ietfa.amsl.com> <4f0c0a3d-766a-3da7-f5b7-b2abd447298b@isode.com> <20201106222940.GK39170@kduck.mit.edu> <d4eae80c-1b68-5672-7b39-48d97d5c6f2c@isode.com> <20201112234825.GO39170@kduck.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20201112234825.GO39170@kduck.mit.edu>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/LbzeQJpteQrGKTIuGR8h0rzo-gU>
Subject: Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf-acme-email-smime-10: (with DISCUSS and COMMENT)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 14 Nov 2020 04:47:16 -0000

On Thu, Nov 12, 2020 at 03:48:25PM -0800, Benjamin Kaduk wrote:
> On a related note, the thread with Fraser, combined with our live
> discussion earlier today, made me realize that we really should say what
> the contents of the 'url' field of the challenge object are.  I know Fraser
> wanted it to be an HTTPS resource, but it seems like a mailto: URL might
> make more sense.  A mailto: URL could also (in some cases) play the role of the
> "token-part0" I had pondered about previously, in that if the ACME server
> uses a challenge-specific address with sufficient entropy, and that is
> the From: line of the challenge email, then a sufficiently aware MUA/client
> can use that address to link the incoming challenge email with the pending
> ACME challenge. (More below.)
>

Hi Benjamin,

It is an interesting idea.  A mailto: challenge URL seems
technically feasible but has some consequences:

- RFC 8555 says that the client POSTs to that URL, implying HTTPS.
  We can define a different semantics for a different challenge
  types, but...

- POST to an HTTPS URL, after email was sent, should work fine for
  the "email-reply-00" validation method.  It is coherent with other
  challenge types (prepare HTTP resource then notify; create DNS
  records then notify; etc).  I don't think we should forfeit this
  cohesion lightly; it will aid implementors of both clients and
  servers to keep the mental model for difference challenge types as
  close as possible.

- And, as I discussed in the other thread, NOT having the client
  POST to notify the server that challenge email was sent does
  restrict the ways you could implement the server.  Specifically,
  the Mail Delivery Agent would have to _proactively_ perform
  ACME-related processing of received messages.  Compare to a server
  implementation where the MDA can just store mail somewhere, and
  the ACME server can search for the reply after client has POSTed
  that the mail was sent.  This maintains a nice separation between
  mail delivery, and ACME server behaviour.  If I were implementing
  the server side, this is how I would prefer to do it.

Cheers,
Fraser

v2.23.0 | Report a Bug | By Email