Re: [Acme] Short term certificates - two options
Yaron Sheffer <yaronf.ietf@gmail.com> Thu, 21 July 2016 07:53 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A9A4412DB5D for <acme@ietfa.amsl.com>; Thu, 21 Jul 2016 00:53:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SuxWiR883mRD for <acme@ietfa.amsl.com>; Thu, 21 Jul 2016 00:53:41 -0700 (PDT)
Received: from mail-wm0-x22e.google.com (mail-wm0-x22e.google.com [IPv6:2a00:1450:400c:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 43C7312DADB for <acme@ietf.org>; Thu, 21 Jul 2016 00:53:41 -0700 (PDT)
Received: by mail-wm0-x22e.google.com with SMTP id f65so12443265wmi.0 for <acme@ietf.org>; Thu, 21 Jul 2016 00:53:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding; bh=K2coebD+mv+SB488yPCN9fin4+BseWc/MfXBsMIM38s=; b=RWFG7Asz10DyYEve1f2raqZ59zCphzo1n0EFxdTASq+MTu9XsumKD5JtjCIHXZ6D9K on49235ZLMAlc/qwJ0s9tXHrPtezDIiGeszOehkNJB8Qer4R+GIhkZmszj+xwPImUmCi LY0SjDPN5pBW6XI5azc4S/x8ExiQeJLyCswGi4Zjvf2cn/RuAYqZoAoYDvr+vBs/lUB/ N432tgx2Ne/4McCDdSUnJnpIQSWB0lNwAhy2YTKUji/H/GAzF/nlq9oSmLURiwGazUEo odaCRIeb6X9cphZftJNZdNpYQFLKmrJT+EfEW2Q5j1P2wdis3wvVgxFrDZ1YcpkOCe7j q37g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=K2coebD+mv+SB488yPCN9fin4+BseWc/MfXBsMIM38s=; b=FP9pHNBeMgYe1JGCrY/cZ/z1Nj/7XCE7nj4o2IrRd93tHs24cgR5Ry79h37aQDfJ8U Vut3yqSdT695YfQG+eyv0TjKMl+71gubESiZx1VOMasq976JDqXKrIzpb3MOARCyBeRL uai1l8SHe4arEBAbspJWGnVjOWlLD9SGduxdnqiAyCmi5df3k37YyqbfjZh0Wof+mvRW +jCP5eH7mL8iaXcxtn5rCSoXyYwWkFkaP3hoKlmzDU1/GHt8dkGS4P/0J+xjO4qUOnKm 2M+Ao2luGo1/dww+WnZ3Y2sRkArNmVV9rsycv5Stj4WKu5e6Pzs8VRo8bcXt4FmlPS06 01Vg==
X-Gm-Message-State: ALyK8tKihz9ijJzvdJZ1UjcE8nxvhYANQWIEHe54ODbu1EZGmOAcQ+bxGmnJNGiZ6iHIsg==
X-Received: by 10.28.125.80 with SMTP id y77mr15128304wmc.25.1469087618807; Thu, 21 Jul 2016 00:53:38 -0700 (PDT)
Received: from ?IPv6:2001:67c:370:176:9e8:5a45:fe66:4a21? ([2001:67c:370:176:9e8:5a45:fe66:4a21]) by smtp.gmail.com with ESMTPSA id h1sm5053169wjc.19.2016.07.21.00.53.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 21 Jul 2016 00:53:38 -0700 (PDT)
To: Chris Drake <cnd@geek.net.au>
References: <826ed7ae-9358-a3fc-f816-bc5074395f99@gmail.com> <1769480434.20160721073216@CryptoPhoto.com>
From: Yaron Sheffer <yaronf.ietf@gmail.com>
Message-ID: <630161d7-3859-a030-2965-89ce6935661d@gmail.com>
Date: Thu, 21 Jul 2016 09:53:37 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <1769480434.20160721073216@CryptoPhoto.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/dLDHTVaJ32LE_BsV3fdxfs_wtxU>
Cc: ACME WG <acme@ietf.org>
Subject: Re: [Acme] Short term certificates - two options
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jul 2016 07:53:46 -0000
Hi Chris, The LURK CDN use case is described here: https://tools.ietf.org/html/draft-mglt-lurk-tls-use-cases-02#section-5.3 Personally I care more about the case of the TLS server being part of the cloud infrastructure (e.g. Amazon ELB or even an on-premise F5 box), and talking to enterprise-based servers that hold the long-term credentials. Thanks, Yaron On 20/07/16 23:32, Chris Drake wrote: > Hi Yaron, > > What is the use case for these? > > Kind Regards, > Chris Drake > > > Wednesday, July 20, 2016, 7:51:57 PM, you wrote: > > YS> Hi, > > YS> At the LURK BoF this week there was some interest in having a solution > YS> where a domain owner can delegate to some other entity (which we will > YS> call "the TLS server") the authority to terminate TLS connections on its > YS> behalf, using short-term certificates. These certificates allow the > YS> domain owner to terminate the TLS server's authorization when necessary, > YS> without requiring certificate revocation - which we know doesn't work > YS> reliably. The certificates' validity is measured in days, e.g. 3 days. > > YS> First, I would like to request the working group to adopt short-term > YS> certificates as a charter item. > > YS> Second, I would like the group's advice in choosing between two very > YS> different approaches to this problem. > > > YS> Option 1: Certificate Pull > > YS> This option is documented in the LURK draft [1], which will be modified > YS> to include feedback received this week, specifically to use more > YS> traditional certification request (CSR) flows. But the basic idea is > YS> very simple: > > YS> 1. TLS server generates a CSR once every 3 days for www.example.com, > YS> sends it to the domain owner using an authenticated REST API. > > YS> 2. Domain owner validates the CSR, forwards it to ACME server, gets back > YS> a short-term cert. > > YS> 3. Domain owner returns the cert to the TLS server. > > YS> If something bad happens, the domain owner simply stops forwarding > YS> requests from this particular TLS server. > > > YS> Option 2: Certificate Delegation > > YS> This option moves more of the responsibility to the ACME server. > > YS> 1. Domain owner contacts the ACME server and obtains a "delegation > YS> ticket" which is specific to the TLS server. The ticket is good for a > YS> long period, e.g. 1 year. > > YS> 2. TLS server regularly contacts the ACME server, proves ownership of > YS> the delegation ticket, and receives a short-term certificate. > > YS> If something bad happens, the domain owner contacts the ACME server and > YS> revokes the delegation ticket. > > > YS> Comparison: > > YS> 1. Option 2 is clearly more complicated to specify and to implement. > > YS> 2. Option 2 extends the ACME protocol. Many clients can ignore it, but > YS> servers will need to implement it. > > YS> 3. Option 1 requires the domain owner to have a server available > YS> regularly, even if it is only a short REST interaction once every few > YS> days. Option 2 doesn't require any such server. > > YS> 4. Option 1 looks to the ACME server as a normal cert request, and > YS> therefore will swamp the CT logs with lots of short-term certs. With > YS> Option 2, we can log to CT the issuance of the delegation ticket instead > YS> of the actual certificates. > > > YS> I would appreciate your input! > > YS> Thanks, > > YS> Yaron > > > YS> [1] https://tools.ietf.org/html/draft-sheffer-lurk-cert-delegation-00 > > > >
- Re: [Acme] Short term certificates - two options Patrick Figel
- Re: [Acme] cache poisoning Alan Doherty
- Re: [Acme] Short term certificates - two options Alan Doherty
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Salz, Rich
- Re: [Acme] Short term certificates - two options Alan Doherty
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Eric Mill
- Re: [Acme] Short term certificates - two options Chris Drake
- Re: [Acme] Short term certificates - two options Eric Mill
- Re: [Acme] Short term certificates - two options Chris Drake
- Re: [Acme] Short term certificates - two options Eric Rescorla
- Re: [Acme] Short term certificates - two options Chris Drake
- Re: [Acme] Short term certificates - two options Salz, Rich
- Re: [Acme] Short term certificates - two options Chris Drake
- Re: [Acme] Short term certificates - two options Salz, Rich
- Re: [Acme] Short term certificates - two options Chris Drake
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Chris Drake
- Re: [Acme] Attribute Certificates Re: Short term … Sean Leonard
- Re: [Acme] Attribute Certificates Re: Short term … Yaron Sheffer
- Re: [Acme] Attribute Certificates Re: Short term … Richard Barnes
- Re: [Acme] Attribute Certificates Re: Short term … Yaron Sheffer
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- [Acme] Attribute Certificates Re: Short term cert… Sean Leonard
- Re: [Acme] Short term certificates - two options Chris Drake
- Re: [Acme] Short term certificates - two options Carl Wallace
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Chris Drake
- Re: [Acme] Short term certificates - two options Salz, Rich
- Re: [Acme] Short term certificates - two options Carl Wallace
- Re: [Acme] Short term certificates - two options Andrew Ayer
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Niklas Keller
- Re: [Acme] Short term certificates - two options Sean Leonard
- Re: [Acme] Short term certificates - two options Niklas Keller
- [Acme] Short term certificates - two options Yaron Sheffer
- Re: [Acme] Short term certificates - two options Carl Wallace
- Re: [Acme] Short term certificates - two options Carl Wallace
- Re: [Acme] Short term certificates - two options Tom Ritter