IETF Logo Mail Archive

Re: [Acme] Happy Birthday ACME!

James Kasten <jdkasten@umich.edu> Wed, 13 March 2024 03:32 UTC

Return-Path: <jdkasten@umich.edu>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D9A62C14F6BC for <acme@ietfa.amsl.com>; Tue, 12 Mar 2024 20:32:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.104
X-Spam-Level:
X-Spam-Status: No, score=-2.104 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=umich.edu
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L0zf46jEyPcT for <acme@ietfa.amsl.com>; Tue, 12 Mar 2024 20:32:12 -0700 (PDT)
Received: from mail-yw1-x1132.google.com (mail-yw1-x1132.google.com [IPv6:2607:f8b0:4864:20::1132]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 415BEC14F6B9 for <acme@ietf.org>; Tue, 12 Mar 2024 20:32:11 -0700 (PDT)
Received: by mail-yw1-x1132.google.com with SMTP id 00721157ae682-609f1b77728so59904977b3.3 for <acme@ietf.org>; Tue, 12 Mar 2024 20:32:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=umich.edu; s=google-2016-06-03; t=1710300731; x=1710905531; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=qZMycJSAo09bcCVP1xGsj/2fe2Rrp8oi6eK/K6w5aPw=; b=d9Q/xkx/E6rUO37+koB+VBL25QpQoDHta5ec6Yn+soy1jIZuLDmASTLrl/vdfYQZo9 VuGFbsAAU8qvlrBspYWMQUaiEdz78+zeGnd6j9V5igPUB/2n0EwSYNm41J8q7IVWFzX/ k0EIDM8dHGgwA5VLpoQgovYMvfJghXGtEEjHTa1nXg22/Jdh5+d2l5k3MIOew/wZqj5Q ZVGvUwBMaNIlECItCVUrnsAau86NrSrUzvBgBf9gW5bWnaVq6+A6ie68bc2MD3KsnVUF xmHt7v6Tvs57Q0p0clehZm7uWc5ZvUdzMdP48Rq9kHipHiR8g2f0MkZKJqAajUEwofHD NGyQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710300731; x=1710905531; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=qZMycJSAo09bcCVP1xGsj/2fe2Rrp8oi6eK/K6w5aPw=; b=M/XYqBW1BPSIfku7xTG2KKj7eFedtY71hSTmm6/XW5EkGTfnCslK4QHIprCRc+rlLR 6VVDk8Y5Kzbsc/9Ogvj0SaDCtWg+SDXYmLe1VunUCDMBXvAqFZl3xMXrFh39QMhCmAOn zFHhKMMKMifm3q/BK3erB8QCF2GDQTFfzZA0sXQPxKlXQ/1vanQ3fYqpPNX3WJ5uZBFS zrDE5gLrKWj4yNmHNPFfS4oEI4iPdGU0hBfP97gBOEj6iFeM6JaP3m3TGhralAnQA1qW n1X7WfKw18W5wjar1x4SUFi8ZZboc/LYCuDxA7b8W89j47EzyOqf0DP2mKl4GCxtKhPi 0CPw==
X-Gm-Message-State: AOJu0Yy7TmR9mv2l+10WCtG1bv0s4N7/S/7zYONkDBBZEQh7d186ct2o YzfklA+7TXJZ+WaAZZ0SCxolmk2575Gq7LyVBUBH+++0JyOijVAFOJwPgsGbJJhK3HxXl3Flfie iz5oK++DDYVRrlq3aqIDig0GrPqLpn/RT4Zv70ABsylOlBAzT2i4=
X-Google-Smtp-Source: AGHT+IFoIxun7kgfcIWSptvmNtm2i614L4ZeLlbpLLw+xIgztgAdk92QBQteYysV227JhHBMTtdbLmEK4bWWy5E7W+M=
X-Received: by 2002:a0d:eb81:0:b0:60a:15c9:1600 with SMTP id u123-20020a0deb81000000b0060a15c91600mr1541273ywe.37.1710300730757; Tue, 12 Mar 2024 20:32:10 -0700 (PDT)
MIME-Version: 1.0
References: <MW4PR17MB4729CE648A221338301FF016AA242@MW4PR17MB4729.namprd17.prod.outlook.com>
In-Reply-To: <MW4PR17MB4729CE648A221338301FF016AA242@MW4PR17MB4729.namprd17.prod.outlook.com>
From: James Kasten <jdkasten@umich.edu>
Date: Tue, 12 Mar 2024 20:31:59 -0700
Message-ID: <CAAEpsx9_wz3eF1VaJZ9gs=aMvHaWXQ+GappX85OYN9s1yk1Mdg@mail.gmail.com>
To: Rob Stradling <rob=40sectigo.com@dmarc.ietf.org>
Cc: "acme@ietf.org" <acme@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000008427f40613826bcb"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/XPXdJuR-xHgLNgp6lkp5cLom9yk>
Subject: Re: [Acme] Happy Birthday ACME!
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2024 03:32:16 -0000

Thanks for starting the discussion, Rob!

One aspect of RFC 8555 that is quite clunky in practice is utilizing the
notBefore/notAfter dates in the new-order request [1
<https://datatracker.ietf.org/doc/html/rfc8555#section-7.4>].

I believe there are a few problems with it.

   1. "new-order" may be well before issuance - Most clients/servers use
   the new-order workflow, meaning that they request a new-order before
   attempting authorizations. If the client is slow to finish their
   authorizations, it is possible the server may not be willing to finalize
   the order with the agreed-upon timestamps by the time the client gets
   around to issuance. In particular, the notBefore timestamp may be too far
   in the past by finalization. Additionally, the server is forced to check
   the validity period multiple times. Google Trust Services recommends not
   setting the notBefore at all and allowing the server to set it upon
   issuance.
   2. Precise timestamps - RFC 5280 notBefore/notAfter timestamps are
   difficult to get exactly right given that the notAfter timestamp is
   inclusive [2
   <https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5>] and
   that there may be client/server differences in the interpretation of leap
   seconds [3
   <https://github.com/cabforum/servercert/blob/main/docs/BR.md#632-certificate-operational-periods-and-key-pair-usage-periods>].
   Google Trust Services allows users to issue certificates with slightly
   higher bounds than the recommended to avoid problems with the client logic
   like notAfter = notBefore + X days from failing when the server attempts to
   validate the order. If the client uses the trick from #1 and doesn't
   specify the notBefore, the server may additionally default to backdating by
   a small amount to deal with clock skew and push the full order's validity
   period over the policy restrictions and ultimately reject the request. All
   of this has to be accounted for when calculating the hard policy on the
   ACME server. This is truly problematic for certificates with special
   requirements on the validity period or where the server may change
   functionality based upon the duration of the certificate. For instance,
   short-lived certificates as defined in the Baseline Requirements [4
   <https://github.com/cabforum/servercert/blob/main/docs/BR.md#161-definitions>,
   5
   <https://github.com/cabforum/servercert/blob/main/docs/BR.md#4911-reasons-for-revoking-a-subscriber-certificate>
   ].
   3. Clock skew - I know several CAs will backdate their notBefore to
   avoid unnecessary issues with clock skew. I haven't analyzed the problem
   recently, but pushing this complexity onto the client seems unnecessary.

ACME server implementations may be tempted to treat the notBefore and
notAfter timestamps as a duration and modify them at issuance, but this is
against the current specification. "The server MUST return an error if it
cannot fulfill the request as specified, and it MUST NOT issue a
certificate with contents other than those requested." [1
<https://datatracker.ietf.org/doc/html/rfc8555#section-7.4>]

Ultimately, I believe clients would be better served if they were only
required to specify a duration within the new-order request. The server
should figure out the exact timestamps at issuance.

Best,
James

[1] https://datatracker.ietf.org/doc/html/rfc8555#section-7.4
[2] https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.5
[3]
https://github.com/cabforum/servercert/blob/main/docs/BR.md#632-certificate-operational-periods-and-key-pair-usage-periods
[4]
https://github.com/cabforum/servercert/blob/main/docs/BR.md#161-definitions
[5]
https://github.com/cabforum/servercert/blob/main/docs/BR.md#4911-reasons-for-revoking-a-subscriber-certificate

On Mon, Mar 11, 2024 at 2:08 PM Rob Stradling <rob=
40sectigo.com@dmarc.ietf.org> wrote:

> RFC8555 was published [1] 5 years ago today!
>
> Just thinking aloud, 'cos I'm curious what folks here think...
> At what point might it make sense to start work on an 8555-bis?
>
> There's a fairly long list of Errata [2]: 10 Verified, 5 Reported, and 4
> Held for Document Update.
>
> Would it make sense for an 8555-bis document to incorporate and obsolete
> any of the "add-on" RFCs / I-Ds, such as RFC8738, that have been published
> since RFC8555?  Or, conversely, would it be preferable to not do that?
>
> With 5 years of deployment experience behind us, have any "missing"
> features in RFC8555 been identified that would be best addressed by
> updating the core specification (i.e., in an 8555-bis document) rather than
> by writing new "add-on" I-Ds?  Or, conversely, are "add-on" I-Ds always the
> preferred approach?  (The "missing" feature that immediately springs to my
> mind is "profiles" [3]).
>
>
> [1]
> https://mailarchive.ietf.org/arch/msg/rfc-dist/25pD6Za_dVkXMbJwyPhBJR6nIlo/
> [2] https://www.rfc-editor.org/errata_search.php?rfc=8555
> [3]
> https://mailarchive.ietf.org/arch/msg/acme/BLVAayrTrUCegT4s2twci3Q2BY8/
>
> --
> Rob Stradling
> Senior Research & Development Scientist
> Sectigo Limited
>
> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme
>

v2.23.0 | Report a Bug | By Email