Re: [Acme] kinds of proof
Viktor Dukhovni <ietf-dane@dukhovni.org> Fri, 28 November 2014 21:37 UTC
Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C93AE1A1B83 for <acme@ietfa.amsl.com>; Fri, 28 Nov 2014 13:37:27 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a1yLFfok08Bn for <acme@ietfa.amsl.com>; Fri, 28 Nov 2014 13:37:26 -0800 (PST)
Received: from mournblade.imrryr.org (mournblade.imrryr.org [38.117.134.19]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 201F81A1B7E for <acme@ietf.org>; Fri, 28 Nov 2014 13:37:25 -0800 (PST)
Received: by mournblade.imrryr.org (Postfix, from userid 1034) id BA50C284AD4; Fri, 28 Nov 2014 21:37:24 +0000 (UTC)
Date: Fri, 28 Nov 2014 21:37:24 +0000
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: acme@ietf.org
Message-ID: <20141128213724.GG285@mournblade.imrryr.org>
References: <AD5940AA-6F01-4D0E-A4E0-19AEA56BBED3@vpnc.org> <CAL02cgTgpjQffow2XuaNuT7BtqYVttXdVUgyqBFbsAbN4g0VzQ@mail.gmail.com> <DEC7A8A8-563D-41B3-94AC-71DC7219D3F8@cisco.com> <m27fyg4yzg.wl%randy@psg.com> <547754C0.9050306@cs.tcd.ie> <20141127211348.GE25114@mournblade.imrryr.org> <54784C61.2080508@cs.tcd.ie> <20141128170917.GC285@mournblade.imrryr.org> <88B49E1D-1601-4B86-8D93-14CF71501DFC@vpnc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <88B49E1D-1601-4B86-8D93-14CF71501DFC@vpnc.org>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: http://mailarchive.ietf.org/arch/msg/acme/eaOBehtAUGm7uC0rkVh6U60r8fQ
Subject: Re: [Acme] kinds of proof
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: acme@ietf.org
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Nov 2014 21:37:28 -0000
On Fri, Nov 28, 2014 at 10:37:01AM -0800, Paul Hoffman wrote: > > * Does the web server have to be on port 443 with TLS enabled > > (perhaps with a temporary self-signed certificate)? Or is it > > sufficient to control port 80 or some other port with or without > > TLS? > > > > * If on port 443, is an existing certificate from any of the > > usual public CAs (other than LE) (if also usable as a TLS client > > cert to authenticate to the provisioning system) accepted as > > evidence of authenticity for bootstrapping trust with LE? > > Why should ability to control port 80 or 443 be a determinant > for proving control of "web server" at "domain name"? Not all web > service is run on port 80, and not all secure web service is run > on port 443. A CA can validate that the requestor can control some > HTTP service on some port at the domain name. If a CA has a policy > that is more restrictive than that, ACME can trivially support that > policy with more error codes. Because unfortunately, Web PKI certificates are host-wide, they don't specify a port. Anyone who can run some program on a machine can bind to some random port and start a web service. Possibly port-forwarded somewhere else via SSH! It is far from clear to me that every "shell" user of a machine should be authorized to obtain certificates for the whole machine. > > * If the domain is DNSSEC signed, is it reasonable (I hope) > > to raise the bar, and require proof of DNS control? Since > > bootstrapping with just web server control and no existing > > credentials is vulnerable to MiTM, and signed domains are > > making an effort to harden against such attacks? > > I disagree that ACME-the-protocol should raise the bar past what > we use for domain verification today. It's fine if a CA who uses > ACME does. The protocol is just a syntax, and indeed I asking a question about appropriate CA policy. Perhaps some guidance to CAs implementing the protocol would not be amiss. As for not raising the bar, "today" there is essentially no DNSSEC deployment (just under 1% of domains in the Alexa top 1,000,000). So this is not "raising the bar" for any established scenarios, rather asking whether we should maintain the bar at the same woefully insecure level, even when DNS is beginning to provide greater security. At the very least I would expect the CAs resolver that validates control over DNS to have DNSSEC validation turned on to drop "bogus" replies. However, I would also advocate that web server control boostrapping over much weaker channels should not bypass stronger DNS security (the domain owner has signalled the capability to authenticate control of the domain, and we should not allow downgrade attacks). -- Viktor.
- [Acme] ACME or EST? Paul Hoffman
- Re: [Acme] ACME or EST? Richard Barnes
- Re: [Acme] ACME or EST? Joe Hildebrand (jhildebr)
- Re: [Acme] ACME or EST? Richard Barnes
- Re: [Acme] ACME or EST? Nico Williams
- Re: [Acme] ACME or EST? Paul Hoffman
- Re: [Acme] ACME or EST? Tony Arcieri
- Re: [Acme] ACME or EST? Paul Hoffman
- Re: [Acme] ACME or EST? Tony Arcieri
- Re: [Acme] ACME or EST? Phillip Hallam-Baker
- Re: [Acme] ACME or EST? Michael Jenkins
- Re: [Acme] ACME or EST? Stephen Farrell
- [Acme] first order requirement - suitable as an o… Stephen Farrell
- Re: [Acme] ACME or EST? Salz, Rich
- Re: [Acme] ACME or EST? Nico Williams
- Re: [Acme] ACME or EST? Nico Williams
- Re: [Acme] ACME or EST? Randy Bush
- Re: [Acme] ACME or EST? Joe Hildebrand (jhildebr)
- Re: [Acme] ACME or EST? Stephen Farrell
- Re: [Acme] ACME or EST? Phillip Hallam-Baker
- Re: [Acme] ACME or EST? Viktor Dukhovni
- Re: [Acme] ACME or EST? Christian Huitema
- [Acme] ACME or EST? Tony Arcieri
- Re: [Acme] ACME or EST? Phillip Hallam-Baker
- Re: [Acme] ACME or EST? Christian Huitema
- [Acme] kinds of proof (was: Re: ACME or EST?) Stephen Farrell
- Re: [Acme] kinds of proof (was: Re: ACME or EST?) Phillip Hallam-Baker
- Re: [Acme] kinds of proof Stephen Farrell
- Re: [Acme] kinds of proof Salz, Rich
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Eric Rescorla
- Re: [Acme] ACME or EST? Eliot Lear
- Re: [Acme] kinds of proof (was: Re: ACME or EST?) Viktor Dukhovni
- Re: [Acme] kinds of proof Phillip Hallam-Baker
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] ACME or EST? Nico Williams
- Re: [Acme] kinds of proof Viktor Dukhovni
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Nico Williams
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] ACME or EST? Randy Bush
- Re: [Acme] kinds of proof Randy Bush
- Re: [Acme] ACME or EST? Richard Barnes
- Re: [Acme] ACME or EST? Randy Bush
- Re: [Acme] kinds of proof Viktor Dukhovni
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Viktor Dukhovni
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Tony Arcieri
- Re: [Acme] kinds of proof Eric Mill
- Re: [Acme] kinds of proof Randy Bush
- Re: [Acme] kinds of proof Peter Bowen
- Re: [Acme] kinds of proof Christian Huitema
- Re: [Acme] kinds of proof Viktor Dukhovni
- Re: [Acme] kinds of proof Peter Bowen
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Peter Bowen
- Re: [Acme] kinds of proof Paul Hoffman
- Re: [Acme] kinds of proof Phillip Hallam-Baker
- Re: [Acme] kinds of proof Trevor Freeman
- Re: [Acme] kinds of proof Randy Bush
- Re: [Acme] kinds of proof Martin Thomson