Re: [Acme] On multiple CAs and contact-based recovery
Richard Barnes <rlb@ipv.sx> Thu, 24 March 2016 15:23 UTC
Return-Path: <rlb@ipv.sx>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8761912DCC9 for <acme@ietfa.amsl.com>; Thu, 24 Mar 2016 08:23:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zBvfK3dJWi0e for <acme@ietfa.amsl.com>; Thu, 24 Mar 2016 08:23:08 -0700 (PDT)
Received: from mail-vk0-x232.google.com (mail-vk0-x232.google.com [IPv6:2607:f8b0:400c:c05::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3B09512DC33 for <acme@ietf.org>; Thu, 24 Mar 2016 08:07:19 -0700 (PDT)
Received: by mail-vk0-x232.google.com with SMTP id e6so62531723vkh.2 for <acme@ietf.org>; Thu, 24 Mar 2016 08:07:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc; bh=SO3/LZu1F7BBYXsIkstdxdjZfhYLj6cfnLobgwb632E=; b=seBjNkGoOEGup3EUfh28sQAuz3MWOasU/R72mWJc1DwWZRWHTWCK5ul3h6FokvGN2y VHkC7nnjWg9Kq2mPDT84Ec/coqFDdXo6Rdr5HaBzjdwMDcgrdA8DAUdX+tx47jB4XfS9 SeuNwMkwsWEzXGNF8fEOJXY9MLwDZ+OOSDNlxRWhUPaScPqPzEXJ9ye7tlCEfKlm3If9 J3MKsDvaO5s5UV+kxyz304mbLLB1AMH1JiqPAtqM1bvnaRjWa3HzSc3JzYghKSIxMMZV qT/AQ+m6DjyGeOOK1jJNVT+SFMYYjxSjMhpDOwLkEZTKr7uAYXwXfUwMNtFQZSDNODjn F7Aw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc; bh=SO3/LZu1F7BBYXsIkstdxdjZfhYLj6cfnLobgwb632E=; b=ihaVBh080q46CKS1slYYE+auajQxpcOL/5fZjDbBpygVBfwa7pPejN9eIX2ik2GOd/ SXxzkg5UDUC398h8R4I7HzlQa47m7k4bjnztTRdy2myuogkiPHTDzUfP+wqrtSvyFt6E 9dBgJNXrKNw+MwEaa4Q2SEE+Qnf6/RBgu07gCCpX881eQhrGbwkg1SZWYXWVMAjHoJ7m 0/Bx4Nr8XfgToX2walSwqvjgtZWjbyK3TT4zqGUmalceEwqsc9i4SGWQwFnT7mYeYu6w QCroOZyUa+UDKtwXu4wuUm6eR3dAjxv9rwpwQvd64/GP2fHdNGYgIxAkVSphvJXegrQA KMuQ==
X-Gm-Message-State: AD7BkJIuVj6cHNriXA+BIbeFKgoyo2vfp5gM7nLE3wCmUfnv5alVcndijGrDe2jFIxOuZq9UVtm4FFqEBN4C8A==
MIME-Version: 1.0
X-Received: by 10.31.8.205 with SMTP id 196mr4859975vki.144.1458832028730; Thu, 24 Mar 2016 08:07:08 -0700 (PDT)
Received: by 10.31.151.85 with HTTP; Thu, 24 Mar 2016 08:07:08 -0700 (PDT)
In-Reply-To: <20160324094240.GJ15641@hex.shelbyville.oz>
References: <B594A7FA-1F8B-489C-8A7D-328BCD60C79A@inria.fr> <CABkgnnVL2z1vR_ii_+0C0jwU9DVW8NWe5FsAbC3P_-o1V2sjEQ@mail.gmail.com> <20160324094240.GJ15641@hex.shelbyville.oz>
Date: Thu, 24 Mar 2016 11:07:08 -0400
Message-ID: <CAL02cgTVLQMWWbBpMSeOrFte+bdmDuoQNCUk2akOquFLJ2xFhw@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
To: Ron <ron@debian.org>
Content-Type: multipart/alternative; boundary="001a1144f912dc1d7a052ecccc92"
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/PMXLxs6sk_0c6eIXRk3CV-ZXqjA>
Cc: Karthik Bhargavan <karthikeyan.bhargavan@inria.fr>, "acme@ietf.org" <acme@ietf.org>, Martin Thomson <martin.thomson@gmail.com>
Subject: Re: [Acme] On multiple CAs and contact-based recovery
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2016 15:23:13 -0000
On Thu, Mar 24, 2016 at 5:42 AM, Ron <ron@debian.org> wrote: > On Thu, Mar 24, 2016 at 04:45:06PM +1100, Martin Thomson wrote: > > On 24 March 2016 at 09:33, Karthik Bhargavan > > <karthikeyan.bhargavan@inria.fr> wrote: > > > Emails with clickable links are *BAD*; we should enhance their > security by > > > linking them better with > > > the ACME account key. > > > > FWIW, I think that a clickable link could be possible, it just > > wouldn't be able to point to the server. If, as you suggest, the > > point is to give the ACME client a fresh secret, then the link could > > be changed from: > > > > https://acme.server.example/recover/<secret> > > > > to > > > > acme:recover:<secret> > > Personally, I like the idea of moving best practice away from clickable > links in plaintext email ... > > But if integration with existing email infrastructure is desirable, > the other option to consider there might be PGP/MIME. > > The downside is you add yet another key to manage and all the things > which come with that. > > The upsides are, we get to reinvent fewer wheels, we can have end to > end security for the email exchange (to the point where the entire > exchange could be a signed and encrypted reply to the challenge email), > and the 'exceptional' recovery mechanism requires proof of ownership > of a key which can be kept entirely separate from the normal 'day to > day' use of an acme client - and which might be more likely to be > protected by a strong passphrase than the keys used for automated > acme renewals. > > (maybe the reason I lost my account key and need to recover is that > someone broke in and stole the machine it was on, so having something > which can trump that to let me recover and revoke it does seem like a > desirable thing in its own right - but that then poses the problem of > what proof do I need to show to securely change my trump card ...) > > In theory, the server and client keys could also be cross-signed, > but that probably doesn't scale to having 7 billion signatures on > the server key :) > > All the client would need to do is publish their PGP key on a keyserver > and add the fingerprint of that key as part of their contact details. > > > But that said, I do also like the simplicity of making this congruent > with the account roll-over process. > > > > Most operating systems understand how to invoke local software in > > response to that and your proposed flow behaves much the same from a > > user perspective. > > > > That isn't *as* good as your proposal, I don't think, but it might > > have some usability advantages. > > The main downside I see to this, is that if I need to fully automate > the acme client to perform certificate renewals every few weeks, > then it's unlikely to be running on the same machine where I read > email. > I think it's safe to say that any system which is designed to support re-validation with any frequency cannot involve email. However, note that ACME supports renewal of certificates without re-validation. --Richard > > Ideally it's going to be running in a sandbox that has very limited > access to or from anything but the acme server, the machines where > certificates need to be deployed, and the people who are authorised > to administer it. > > If I was going to add a way to allow people to perform admin actions > on it via email, it probably would be by having them send PGP signed > control messages to it ... > > Ron > > > _______________________________________________ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme >
- [Acme] On multiple CAs and contact-based recovery Karthik Bhargavan
- Re: [Acme] On multiple CAs and contact-based reco… Ted Hardie
- Re: [Acme] On multiple CAs and contact-based reco… Karthik Bhargavan
- Re: [Acme] On multiple CAs and contact-based reco… Stephen Farrell
- Re: [Acme] On multiple CAs and contact-based reco… Martin Thomson
- Re: [Acme] On multiple CAs and contact-based reco… Ron
- Re: [Acme] On multiple CAs and contact-based reco… Richard Barnes
- Re: [Acme] On multiple CAs and contact-based reco… Richard Barnes
- Re: [Acme] On multiple CAs and contact-based reco… Ron
- Re: [Acme] On multiple CAs and contact-based reco… Ron
- Re: [Acme] On multiple CAs and contact-based reco… Karthik Bhargavan