[Acme] Re: ACME and PLANTS
David Benjamin <davidben@chromium.org> Fri, 13 March 2026 04:55 UTC
Return-Path: <davidben@google.com>
X-Original-To: acme@mail2.ietf.org
Delivered-To: acme@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id B8C0AC93C2B7 for <acme@mail2.ietf.org>; Thu, 12 Mar 2026 21:55:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -9.499
X-Spam-Level:
X-Spam-Status: No, score=-9.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (1024-bit key) header.d=chromium.org
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qv_AZyfh3-Fx for <acme@mail2.ietf.org>; Thu, 12 Mar 2026 21:55:08 -0700 (PDT)
Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id E82BBC93C2AC for <acme@ietf.org>; Thu, 12 Mar 2026 21:55:08 -0700 (PDT)
Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-b9358bc9c50so231232066b.1 for <acme@ietf.org>; Thu, 12 Mar 2026 21:55:08 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1773377708; cv=none; d=google.com; s=arc-20240605; b=ajsV+ovDQmfZBoxwoUdNSJbvHYGwrG9rgl9+OUJ7Ff1TKd46eZKImCM8On2Fh5RKQD h01zePoJSTf2TAFeZh3Gv4kCuSvlRjQcXkKdJbzTmWs+KqsmaNI9aoYPnK+OluAo3BIS /z7NIhyE44y9qULD+rAYdh2ZQHSClr9hcT5mKWRzZmhj/wm5omt1D65WIVpenY5epHqB yGFEwwyavWBRf1DB9Q2EK8D/SzI+IpeLkA9FgmJmQ9USu7rbgWS/U0230/spEdZIv8GR PMOzf0/AkmE+7sx8sFGtHUimoWB4Mcay0fIX7WlFg+5XsNUrBhAlxKMctzp8r6Fr1bVi FPaw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:dkim-signature; bh=CHjYDmfx6Q6Hzhc6NEEORZ6zh1RS7ZIBKLdSegMZ400=; fh=dfg63cjXKbJRGO1qmnz56KAeG6u2CNWIbh6NZKw3QYc=; b=BN0X/FZCyl3qFwYK20G+lx0hMJKcBlxGEiL/9evyhk4SdhiZ6QJGqLvqJqJbhrvnOk gEDMXgJwV1ZybO8HqLX1KZ327EIurE6cxYszqmvoNmVapKv9PMjHfMLtb3NUy7IqUXEI hOmhzLLpEjE23aQq1wi6ev20LKg/5IIQ9cBnKhFyFUT2SiYjTljizUJHEvl4tPCvu7mO bTeViL4xDdeJPDy1iwZHGQTasXRZlKLOa0zBmb71I/1VzzgZRn+AFjBHnjutSmm2vo3k Co0vOxwBoDHYKQTVPXJsfY+PN9AKTC95BzEceO0L+VvYdXBZAb/qtlY0KLBbpSmvTMKj frjw==; darn=ietf.org
ARC-Authentication-Results: i=1; mx.google.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; t=1773377708; x=1773982508; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=CHjYDmfx6Q6Hzhc6NEEORZ6zh1RS7ZIBKLdSegMZ400=; b=GROAXxYVAv0stECDUBHjtPdIEbfNy0IlOd5vn1PwKSa8jU3D81zkirrxDaE6AEfLXF XVQj+/boM6s8GMnWqhWIDyDB2cWgfZpdAOeHnWAp9gY3d/mc1BZFc6CKP+FVn/kn+I2m j/8SerDCk03974prIxBD/oYfm+iLDWELwxvA4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1773377708; x=1773982508; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-gg:x-gm-message-state:from:to:cc:subject:date :message-id:reply-to; bh=CHjYDmfx6Q6Hzhc6NEEORZ6zh1RS7ZIBKLdSegMZ400=; b=Ecl6k+3clXBSyAxR3tmRMoMyG0/4QNGpAjM0G8BmxCU0PSyQzzktPF0chGLbS7oO0t I3TnYmcrAyLO6rJaLprRZSCtWmB6302aXN7gtoW4L0/KSO2YYzdderSP4J59rtJIRvJM RVB7KTMyXqShhaa38PJlbBBs3VV67LikaKE1EWv5RvMKxWEg9yChnsSAjdQLBGqCP/+E nO7ZLr0e2AY9mAOjhAEEyeM6f2AQvuSO6ccU4CJS5usBQ9qh7d9G4XZuNeH05JlVcDfG 2ZxzPwEURFryy1oy5d3T4RpkKm+2K1/skc96LdG8o5neyvnaesMNUGevYrdGs/MzDm26 mXhQ==
X-Gm-Message-State: AOJu0YyjRpBwNShJseq0cdrjfj3OGAZL6HcPZf4MVpvhmgsbk/npad1F Hl4MkY2tlAILPsUBJ0I/rxUTRMkxlpdJmQ+otPlkBc1/GqyKSQOW9VsMwWaAVvnB5HBihPxgnR+ XRgUofnCqYLFp4r+ooT5Pbek5gO6jNfOEs4nzUeMZAGDyOW08uR3ctQn/tD1I
X-Gm-Gg: ATEYQzzJPzKSbeEUW3uKUaUoVrkEiBbwJkuo+tHTvO1FwgcMkwSWfCzyOlNyg8H8lsv +AD9lv4kO1FA/5Y+xNRsd9pdrwPBhJVnbG9Ji88Kop3NARKYapiSupHqsg3m06tIBtHvv70ZjEx o8ExPB8PvkI0OD0+0k1Lnn91hv3t+VVwHTnI7D25EPG3WwN8TF5NEVMJ2YK1lWDcTq+Xd4ZZmnX jcWFfRqIpIrr7rr29Y4I0Q1bZ2x1fvcnghfH1mbv2yyz+PpaWFnpw0Nt0gGKHtk9ZVaXwTkXtyC Ud9HxuJEd96PtHNG8cWbTPWAvJ72RhJj/kYo6kFBavDTOl/YAQ==
X-Received: by 2002:a17:907:86a5:b0:b8e:d04e:e506 with SMTP id a640c23a62f3a-b9765402435mr98327866b.57.1773377707379; Thu, 12 Mar 2026 21:55:07 -0700 (PDT)
MIME-Version: 1.0
References: <CAF8qwaApZbT5C1q3-g5yTPxYJTuJeZqMgb=_Gu=hqYRnrtiJkA@mail.gmail.com> <abMdm49TFzXz5K4H@LK-Perkele-VII2.locald>
In-Reply-To: <abMdm49TFzXz5K4H@LK-Perkele-VII2.locald>
From: David Benjamin <davidben@chromium.org>
Date: Fri, 13 Mar 2026 12:54:49 +0800
X-Gm-Features: AaiRm5294EylgmLaEsTTdsK8SqZvoRF0hclmswxrlbR3vku4tWlEXfECZjr7AVY
Message-ID: <CAF8qwaCfV8G52oGMbuktBZ_-mvmaPghD5Zi_eZpdrad_+E3R4Q@mail.gmail.com>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
Content-Type: multipart/alternative; boundary="0000000000004de6c6064ce0ac99"
Message-ID-Hash: AVCOKVYBHDMURBKDZBZRUKWT3SXXTT3E
X-Message-ID-Hash: AVCOKVYBHDMURBKDZBZRUKWT3SXXTT3E
X-MailFrom: davidben@google.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-acme.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: IETF ACME <acme@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [Acme] Re: ACME and PLANTS
List-Id: Automated Certificate Management Environment <acme.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/XAD1yUA8RlJSX3o6kM9Hfwk7-vg>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Owner: <mailto:acme-owner@ietf.org>
List-Post: <mailto:acme@ietf.org>
List-Subscribe: <mailto:acme-join@ietf.org>
List-Unsubscribe: <mailto:acme-leave@ietf.org>
On Fri, Mar 13, 2026 at 4:10 AM Ilari Liusvaara <ilariliusvaara@welho.com> wrote: > On Fri, Mar 13, 2026 at 01:53:09AM +0800, David Benjamin wrote: > > > > > The draft has an initial pass at how to put them together here. Happily, > it > > seems ACME is already rich enough to express what MTC needs, with fairly > > minimal additions/guidance: > > > > > https://www.ietf.org/archive/id/draft-ietf-plants-merkle-tree-certs-02.html#name-acme-extensions > > I presume the logical ACME server used and profile (if any) in order > creation determines if order will result MTC or traditional X.509 > certificate? > Yup. You can think of MTCs as "just" a very funny signature scheme for signing certificates. So it's all flavors of picking which CA instance to respond with, whether a MTC CA instance vs a traditional CA instance, or a PQ CA instance vs an ECDSA CA instance. > Also, using different content-type does not seem necessary. The > properties can be included as PEM member of new type. Any client that > can install MTC certificate can parse such member. > RFC 8555 describes a subset of general PEM, even if practically everyone will run it through a general, permissive PEM parser. https://www.rfc-editor.org/rfc/rfc8555.html#section-9.1 The text reads to me as being inextensible ("A file of this type contains one or more certificates encoded with the PEM textual encoding"), which suggests a new MIME type would be prudent. But if I'm misreading and application/pem-certificate-chain is actually meant to be extensible, we can flip that around. Whatever folks prefer. > Then, that idea of how to distribute landmark certificates is > not going to work, because it is far too difficult for clients to > implement (due to asynchronous issuance). > > I suppose the easiest method of dealing with distribution of landmark > certificates is unauthenticated GET from somewhere... > Hmm. I'm somewhat unclear on why saving one URL to resume later, vs saving another URL to resume later, would be more difficult to implement for an ACME client, but I'm sure my mental model is incorrect. Is it because of the need to authenticate download URLs? (Very, very, very) naively, I assumed the ACME client would wake up, look at whatever its current state is and decide... - Are my certificates soon to expire? Make a new order. - Do I have saved state from a pending order? Go nudge that state along, e.g. trying to redownload any unfinished alternate URLs. Then the server operator would glue it all together by arranging for the ACME client to run on a cron job. And since that cron job both has access to authentication and ACME state, the fact that ACME authenticates all its URLs is not a huge deal. A separate unauthenticated URL would suggest a world where the server operator has a *separate* scheduled job that's have the ACME account key, but does have read/write access to certificate state. I assumed that doesn't currently exist and we may as well piggy-back off the existing job schedulingn. I gather this does not match how you think about this? > > Some context: > > > > These slides > > < > https://datatracker.ietf.org/meeting/124/materials/slides-124-plants-solution-space-and-dispatched-work-00 > > > > from the BoF are a good starting point for how MTC works. The ACME > > interaction is that, for each certificate request, an MTC CA returns two > > certificates: a “standalone certificate” (large, immediate, generally > > usable) and a “landmark certificate” (small, delayed, not generally > usable, > > optional). The CA... > > > > 1. Validates the certificate request. > > 2. Appends the information to a log, signs it, etc. This step constitutes > > issuance. > > 3. Constructs a standalone certificate that serves as proof of this > > issuance. > > 4. Waits some time (hours) for a “landmark” to be allocated. > > 5. Constructs a landmark certificate that serves as an alternate proof of > > this same issuance. > > > > MTC wants a way to configure ACME to deliver both certificates (one > > immediately and one that the ACME client can optionally retrieve later, > > after some delay), along with any metadata needed for the TLS server > (etc) > > to select between the two. > > ACME is not suited for delivering the landmark one due to too high > latency. > > > > The current proposal is to use ACME's existing alternate URLs feature, > > modeling the delay with the HTTP Retry-After header from RFC 9110. > (Another > > option is to make multiple orders. That would let us model the delay with > > the "processing" status, but since it’s one validation and issuance > event, > > one order + alternate URLs seemed a better fit.) > > Multiple orders would be a major mess. And "processing" status also has > to be relatively quick, as ACME clients can not deal with high latency > there. > > > > > -Ilari > > _______________________________________________ > Acme mailing list -- acme@ietf.org > To unsubscribe send an email to acme-leave@ietf.org >
- [Acme] ACME and PLANTS David Benjamin
- [Acme] Re: ACME and PLANTS Ilari Liusvaara
- [Acme] Re: ACME and PLANTS David Benjamin
- [Acme] Re: ACME and PLANTS Mike Ounsworth
- [Acme] Re: ACME and PLANTS Michael Richardson
- [Acme] Re: ACME and PLANTS Michael Richardson
- [Acme] Re: ACME and PLANTS David Benjamin
- [Acme] Re: ACME and PLANTS Ilari Liusvaara
- [Acme] Re: ACME and PLANTS Ilari Liusvaara
- [Acme] Re: ACME and PLANTS Michael Richardson
- [Acme] Re: ACME and PLANTS Aaron Gable
- [Acme] Re: ACME and PLANTS Ilari Liusvaara
- [Acme] Re: ACME and PLANTS Ilari Liusvaara
- [Acme] Re: ACME and PLANTS Aaron Gable
- [Acme] Re: ACME and PLANTS Ilari Liusvaara
- [Acme] Re: ACME and PLANTS Jacob Hoffman-Andrews
- [Acme] Re: ACME and PLANTS Seo Suchan
- [Acme] Re: ACME and PLANTS Aaron Gable
- [Acme] Re: ACME and PLANTS Michael Richardson
- [Acme] Re: ACME and PLANTS Ilari Liusvaara