Re: [Acme] Proposed ACME Charter Language

Michael Ströder <michael@stroeder.com> Fri, 15 May 2015 16:29 UTC

Return-Path: <michael@stroeder.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A99401A1EFD for <acme@ietfa.amsl.com>; Fri, 15 May 2015 09:29:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.312
X-Spam-Level:
X-Spam-Status: No, score=-2.312 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id duamEC8ecI5x for <acme@ietfa.amsl.com>; Fri, 15 May 2015 09:29:39 -0700 (PDT)
Received: from srv1.stroeder.com (srv1.stroeder.com [213.240.180.113]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 971B11A1EF5 for <acme@ietf.org>; Fri, 15 May 2015 09:29:38 -0700 (PDT)
Received: from srv4.stroeder.local (srv4.stroeder.local [10.1.1.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.stroeder.local", Issuer "stroeder.com Server CA no. 2009-07" (verified OK)) by srv1.stroeder.com (Postfix) with ESMTPS id E116C1CF08 for <acme@ietf.org>; Fri, 15 May 2015 16:29:35 +0000 (UTC)
Received: from nb2.stroeder.local (nb2.stroeder.local [10.1.1.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by srv4.stroeder.local (Postfix) with ESMTPS id 5CAC31CF2A for <acme@ietf.org>; Fri, 15 May 2015 16:29:33 +0000 (UTC)
Message-ID: <55561EED.6030000@stroeder.com>
Date: Fri, 15 May 2015 18:29:33 +0200
From: =?UTF-8?Q?Michael_Str=c3=b6der?= <michael@stroeder.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 SeaMonkey/2.33.1
MIME-Version: 1.0
To: IETF ACME <acme@ietf.org>
References: <6A9C3116-8CC9-472C-8AA8-F555D060834C@vigilsec.com> <CABcZeBOy2yBEMGMxcDy=E3fvc+OF1sZfvOV7twJHAvKqtrxtLg@mail.gmail.com> <28919F11-9336-41F6-9922-4E3E2DC4E935@gmail.com> <BD7B96B1-CD50-408F-AA06-49C20AB102A6@vigilsec.com> <CA+9kkMAH+U25ZhLq1HhGFHKMAECu+Y1ZJH-h4bOrEXaUQ15LjQ@mail.gmail.com> <87d225qwbq.fsf@latte.josefsson.org> <B30EDBDF-0803-4AB0-9EBB-DD726F617C5B@vigilsec.com> <2dc5d20a27664efe994398ec508f0e7e@ustx2ex-dag1mb4.msg.corp.akamai.com> <1E6924DE-D59C-4323-9658-766937368B98@vigilsec.com> <7F45C649-4C78-441E-8649-45D0F74168C2@vigilsec.com> <m2617wyu1v.wl%randy@psg.com> <CA+9kkMA18=KBtSWnS3murcFT7tfxNAe1Oi2YFNSkhOXTPDAFTw@mail.gmail.com> <m24mngytae.wl%randy@psg.com> <CA+9kkMB4uYr1SVUEqFKOB7AmPe793Mb-zAVU0GCK5d=XH9rsCg@mail.gmail.com> <m23830ysez.wl%randy@psg.com> <CA+9kkMAJ-925hQ+wawkLvEjTaf5f1JRHdrGMtCR hGt9Q8Ntc1Q@mail.gmail.com> <87bnhl511t.fsf@alice.fifthhorseman.net> <0054C9EA-8CE5-49E4-8D4A-CBC29B19FDB2@pbnj-solutions.com>
In-Reply-To: <0054C9EA-8CE5-49E4-8D4A-CBC29B19FDB2@pbnj-solutions.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms040705000405090801030304"
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/PjxM5vJpWTBNd7U6tbZzaUy7ZA8>
Subject: Re: [Acme] Proposed ACME Charter Language
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 15 May 2015 16:29:40 -0000

Paul Winkeler wrote:
>> On May 15, 2015, at 11:10, Daniel Kahn Gillmor <dkg@fifthhorseman.net>; wrote:
>>
>> If I compromise your secret key, the nicest possible thing i can do with
>> it is get it revoked.  There is no reason to prevent this action from
>> anyone who has access to the secret key.
>
> Isn’t this a means to effect a denial of service attack?

Yes.

But if an attacker has the private key you definitely want to stop the service 
using the accompanying public key cert. Because if you provide a TLS secured 
service you somewhat promise to the user that the traffic cannot be intercepted.

=> full ack with Rich's statement here

Ciao, Michael.