[Acme] Second AD Review: draft-ietf-acme-star

Roman Danyliw <rdd@cert.org> Fri, 21 June 2019 11:58 UTC

Return-Path: <rdd@cert.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 7F41E12027A for <acme@ietfa.amsl.com>; Fri, 21 Jun 2019 04:58:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id J_h3CxMHe5xq for <acme@ietfa.amsl.com>; Fri, 21 Jun 2019 04:58:15 -0700 (PDT)
Received: from veto.sei.cmu.edu (veto.sei.cmu.edu []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1DF8812026E for <acme@ietf.org>; Fri, 21 Jun 2019 04:58:15 -0700 (PDT)
Received: from delp.sei.cmu.edu (delp.sei.cmu.edu []) by veto.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x5LBwDx3033730 for <acme@ietf.org>; Fri, 21 Jun 2019 07:58:13 -0400
DKIM-Filter: OpenDKIM Filter v2.11.0 veto.sei.cmu.edu x5LBwDx3033730
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cert.org; s=yc2bmwvrj62m; t=1561118293; bh=gMiin7SsX25PdB6nXSACJZGWN53zDMhhIetLx0vkKBA=; h=From:To:Subject:Date:From; b=VY8FMUVDg3KDyBg0ZytDHnHUgkBJ+TB5AeM2GwE2u0jceYVz728EV55NV3pNdEih5 FYpARuXKVBBr3TJtKktldVHy5GzIgJp2FPg3cmp3rGCEZ7GhBCqJITwgP+DGNiDvCg lg8McBil+C/Rv7kXNG+U0KAsklMca+I/VbmRe96I=
Received: from CASCADE.ad.sei.cmu.edu (cascade.ad.sei.cmu.edu []) by delp.sei.cmu.edu (8.14.7/8.14.7) with ESMTP id x5LBwAMU003178 for <acme@ietf.org>; Fri, 21 Jun 2019 07:58:10 -0400
Received: from MARATHON.ad.sei.cmu.edu ([]) by CASCADE.ad.sei.cmu.edu ([]) with mapi id 14.03.0439.000; Fri, 21 Jun 2019 07:58:10 -0400
From: Roman Danyliw <rdd@cert.org>
To: "acme@ietf.org" <acme@ietf.org>
Thread-Topic: Second AD Review: draft-ietf-acme-star
Thread-Index: AdUoEOda7iC+uEqaRfGoa190+QjflA==
Date: Fri, 21 Jun 2019 11:58:10 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFC01B33A0AEF@marathon>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/MMtEuX0j_YWLD7i0sToBCaoNre4>
Subject: [Acme] Second AD Review: draft-ietf-acme-star
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Jun 2019 11:58:18 -0000


I conducted as second AD review of draft-ietf-acme-star per the AD hand-off.  I have the following feedback:

** (From the first AD review) Per the issue of PS vs. Experimental status - I reviewed Section 5, Shepherd Write-up and the ML thread of the previous AD review (https://mailarchive.ietf.org/arch/msg/acme/ZWRzPxrWBrp_xjEn98A4HOBxkc4).  From that I see there was one prototype implementation (from MAMI, thanks!) and a hackathon.  To following up, who has indicated interest in implementing this draft?

** Section 2.1.  Per "The bootstrap phase ends when the Id0 obtains a confirmation from the ACME CA that includes a star-certificate endpoint", what's a "star certificate endpoint" and how is that different than an "order URL for the issued STAR certificate" (per the previous paragraph)?

** Section 2.2.  Per "The CA issues the initial certificate, typically when the authorization is done", what is the circumstance where the certificate is issued before the authorization?

** Section 3.1.2.  Per "The server MUST NOT issue any additional certificates for this order beyond the certificate that is available for collection at the time of deletion":
-- what is "time of deletion"?  Is that the same as the time order cancelation? 
-- What does "beyond the certificate that is available for collection" mean if the text below this sentence says that accessing the star-certificate URL should return a 403 error?

** Section 3.3.  The example shows a Link HTTP header but does not explain how it should be populated.

** Section 7.  I didn't see any language in the Security Consideration about the impact/exposure of shifting to a model where certificate revocation doesn't occur.  In Section 1, [Topalovic] hints at potentially cover this topic, but the site used in the reference section didn't resolve for me.  It needs some treatment in the Security Considerations

** Section 7.2.  The guidance in Section 7.2 seems appropriate for the identified privacy issue.  However, it also seems to apply to the more basic security issue of guessing the URL too.
-- Is there a reason why this isn't mentioned as a security issue too?
-- Why is the recommendation for a server to choose URLs in a non-guessable only a SHOULD and not a MUST?  Under what circumstances would it be advisable for the URLs to be guessable?

Editorial Feedback:

** Section 1.0  Per the sentence "The Id0 can terminate the automatic renewal before the natural deadline", what's a "natural deadline"?  Isn't it a "negotiated deadline" or "negotiated renewal window"?   

** Section 1.1  It seems odd to call out name delegation as the only formal use case.

** Section 2.2.  Per Figure 1, this isn't explicitly noted as an example so it strikes me as inappropriate to include "72-hours" as the auto-renew period is negotiated (as it is so specific and could be read as normative).  Either call this an example or change "72 hours" to be something on the order of "short validity period".

** Section 2.3.  Figure 2 is included in Section 2.3 but is not referenced in the text.

** Sections 3.1.1, 3.1.2.  What is the role of the json blob after the first paragraph?  It isn't referenced in the text and doesn't have a figure number.

** Section 3.1.1. Add a citation to "Section 7.1.3 of RFC8555" for notBefore and notAfter.

** Section 3.1.1.  Add the citation "Section 7.1.6 of RFC8555" to the sentence, "ACME defines the following values ..." to make it clear what part of ACME you are updating/extending.

** Section 3.1.1.  The first few paragraphs describing the new STAR items in the request as "attributes".  However, the last paragraph starting with "A STAR certificate ..." refers to "certificate" and "star-certificate" as a "key".  Be consistent.

** Section 3.2. Typo.  /The directory/the directory/

** Section 3.2.  As the meta field is being extended, add a reference to Section 9.7.6 of RFC8555.

** Section 3.2.  Use attribute or key to referrer to the additions to the "meta" field, not both.

** Section 3.2, 3.3.  Per the example, I recommend making this an explicit figure with a number that you reference instead of introducing it with a long sentence that ends with a colon.

** Section 3.4.  The recurrent-certificate-get is referred to as an attribute, but here it is called a key.  I recommend making this consistent.

** Section 3.4.  Does the sentence "If the server accepts the request, it MUST reflect the key in the Order" mean that if the server accepts the request to support unauthenticated GETs, it will keep the recurrent-certificate-get=true in the order response?  If so, I'd recommend making this sentence a little clearer as without the assumed context of the section I didn't understand what it meant to "reflect a key".

** Section 3.5.1.  Per the array after the text "The notBefore and notAfter ... paragraph", why is this a JSON styled array?