IETF Logo Mail Archive

Re: [Acme] ACME breaking change: Most GETs become POSTs

Daniel McCarney <cpu@letsencrypt.org> Fri, 31 August 2018 19:37 UTC

Return-Path: <dmccarney@letsencrypt.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A0CFD130E08 for <acme@ietfa.amsl.com>; Fri, 31 Aug 2018 12:37:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=letsencrypt.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pT68s-jSQjFA for <acme@ietfa.amsl.com>; Fri, 31 Aug 2018 12:37:03 -0700 (PDT)
Received: from mail-it0-x229.google.com (mail-it0-x229.google.com [IPv6:2607:f8b0:4001:c0b::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2B8F4124C04 for <acme@ietf.org>; Fri, 31 Aug 2018 12:37:03 -0700 (PDT)
Received: by mail-it0-x229.google.com with SMTP id h1-v6so8571540itj.4 for <acme@ietf.org>; Fri, 31 Aug 2018 12:37:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=letsencrypt.org; s=google; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to:cc; bh=zfinQgt32UOgwGP71XTnBiwQDYNV3dcHsavyKtQBHeE=; b=IQPPUY+jtNGxLFoOw9g3ju0XYH1XWd4Q6San5F+tc0FTJVuUE+wf/VJMs5fdD9W7ab 2+TrCM8cT8bIlwh1lxAUWRw4RsBBispevbWLEL+whhUxkac3VU9NhVfLzcl0JwDHq/Nk 8UNcSPWHrgwJU1NnJ64eo5Kt69xf05LNObk/I=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc; bh=zfinQgt32UOgwGP71XTnBiwQDYNV3dcHsavyKtQBHeE=; b=HYZYlHWZn6crkZWigK95A//osUm5p8YLeGEHM7wHtmzQF2TOwSMsQZzc3QDT5TfLTY ZBMN1EJ89NJNKjtarYLGm53mYimOIh1mllnsoPy/79H+6RQgnIb6sWqKlRoKbng+GgNx A/e3Qig2UEFDL2/2Uul33y7qSzxWHjitATCBXpfMVjQewsWGqThD1UnvedvmDzKpHcqA LJApqXThqoqpIkifpbtryxUf20EQD+1VeM6yB4fFgiz2y91rXlBb96Bq7PqR9AblczPz 0opmZUdmN6MIckU54eIzX5n2pu1qkSYgG79tekFGiTPjksQ/yNbOD0z8cBZ8OsdfUygI FbRw==
X-Gm-Message-State: APzg51D9QSsyrTtHxvUUdVHm6wcxKp5lZJZCQZZbhAeQ2H7eoDGSMoNN CM3+RpSbOsvtMS2uK6Q2NiTs5TWG2E9d4ekCb/zwNazUm68=
X-Google-Smtp-Source: ANB0VdaCemr3Rm1vk2y5hbpKQmoNqrFXMS966TaJyc4WXt91LxZbu2yPcqP17DmV1MbiXLo9/5cOirq8/dSwkvhTUgQ=
X-Received: by 2002:a24:44d7:: with SMTP id o206-v6mr5997613ita.66.1535744222491; Fri, 31 Aug 2018 12:37:02 -0700 (PDT)
MIME-Version: 1.0
Reply-To: cpu@letsencrypt.org
Received: by 2002:a6b:20d2:0:0:0:0:0 with HTTP; Fri, 31 Aug 2018 12:37:01 -0700 (PDT)
In-Reply-To: <20180831193411.GD10368@localhost>
References: <c33184f3-4e64-b7ea-babb-d29e2307f1f3@eff.org> <20180831193411.GD10368@localhost>
From: Daniel McCarney <cpu@letsencrypt.org>
Date: Fri, 31 Aug 2018 15:37:01 -0400
Message-ID: <CAKnbcLjY2NH=FdCkpWGLmPj8iXDqBk4hjF8kfGT18GyOTW4-3g@mail.gmail.com>
To: Nico Williams <nico@cryptonector.com>
Cc: Jacob Hoffman-Andrews <jsha@eff.org>, ACME WG <acme@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000d911110574c0506d"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/O9XQvi8Z-BFC2Tf6TMUhcNmE3_M>
Subject: Re: [Acme] ACME breaking change: Most GETs become POSTs
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 31 Aug 2018 19:37:06 -0000

> How does using POST address this?


Please read the draft. We're talking about POSTs authenticated with JWS not
vanilla HTTP POSTs.

On Fri, Aug 31, 2018 at 3:34 PM, Nico Williams <nico@cryptonector.com>
wrote:

> On Thu, Aug 30, 2018 at 04:20:41PM -0700, Jacob Hoffman-Andrews wrote:
> > ACME currently has unauthenticated GETs for some resources. This was
> > originally discussed in January 2015[1]. We decided to put all sensitive
> > data in the account resource and consider all GET resources public, with
> a
> > slant towards transparency.
> >
> > Adam Roach recently pointed out in his Area Director review that even
> when
> > the contents of GET URLs aren’t sensitive, their correlation may be. For
> > instance, some CAs might consider the grouping of certificates by
> account to
> > be sensitive.
>
> This is true, but GET isn't the issue.  If you have iterable URI
> constructions then POST will let you iterate them just as well as GET.
>
> > Richard Barnes proposes[2] to change all GETs to POSTs (except directory
> and
> > new-nonce). This will be a breaking change. Clients that were compatible
> > with previous drafts, informally called ACMEv1 and ACMEv2, will not be
> > compatible with a draft that mandates POSTs everywhere. It will be a
> painful
> > change, since the ecosystem just started switching to ACMEv2, which
> looked
> > to be near-final.
>
> How does using POST address this?
>
> Neither does GET imply unauthenticated, nor does POST imply
> authenticated.
>
> GET vs POST can make a difference in the context of HTML (where you can
> get a user-agent to GET a resource without the user taking action), but
> I don't think that's relevant here.
>
> > I think this is the right path forwards. ACME will be a simpler, better
> > protocol long-term if all requests are authenticated. However, if we’re
> > taking this path we should aim to come to consensus and land the final
> spec
> > quickly to reduce uncertainty for ACME client implementers.
>
> This is wrong.  GET vs POST makes no difference as to iteration of
> resources.
>
> Please use HTTP correctly.
>
> If a resource is read-only or GETs of it would be idempotent anyways,
> then use GET.
>
> Do include normative text about the shape of the URIs to prevent
> iteration via monotonic increment of numeric components or query
> parameters.
>
> Do specify what requires authentication and what does not.
>
> Do not misuse HTTP verbs.
>
> Nico
> --
>
> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme
>

v2.23.0 | Report a Bug | By Email