IETF Logo Mail Archive

Re: [Acme] [Technical Errata Reported] RFC8555 (6950)

"Salz, Rich" <rsalz@akamai.com> Thu, 04 January 2024 15:11 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 22D38C14F5EE for <acme@ietfa.amsl.com>; Thu, 4 Jan 2024 07:11:56 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.004
X-Spam-Level:
X-Spam-Status: No, score=-2.004 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UMdP34HG8pLc for <acme@ietfa.amsl.com>; Thu, 4 Jan 2024 07:11:52 -0800 (PST)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0209BC14F5E9 for <acme@ietf.org>; Thu, 4 Jan 2024 07:11:51 -0800 (PST)
Received: from pps.filterd (m0050102.ppops.net [127.0.0.1]) by m0050102.ppops.net-00190b01. (8.17.1.22/8.17.1.22) with ESMTP id 404DuYJi027937; Thu, 4 Jan 2024 15:11:49 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h= from:to:cc:subject:date:message-id:references:in-reply-to :content-type:mime-version; s=jan2016.eng; bh=WYOMcicUF8dwlV69Ab apAOPzLam2Yx9UmWdsvsfSaZ0=; b=Reuxkc7zNRCEc7PcHAIGtoZ7vqfHqemLfz fEZq4Re7nc27xr57z5OrxTWSgihacaxGhv5FWTJ6dDoaVir0JqIiTZr4NbIihNax FihitgqzPiqgODXmSm9oOvBXPXqz4b7iqpLAemSn0xxuZ5J/X8iz4plugzUTzCif Mw94BIbbnfyn5TeU2023l8F6lmCx06kXH2SjRQmxp3GH37GK9CkRCL3WTJF1zjDC YEXaMPS2aonFytmcODv0sq1DvJSeobMzfpM3/PL9BZeenS4uPN/dZ5iCRFbiAjoi TWXGQfyCKMPWTlfqQfNeZkax/FMfDV2wv4juS48Sc/46M4/4fDvA==
Received: from prod-mail-ppoint7 (a72-247-45-33.deploy.static.akamaitechnologies.com [72.247.45.33] (may be forged)) by m0050102.ppops.net-00190b01. (PPS) with ESMTPS id 3va98atwex-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 Jan 2024 15:11:49 +0000 (GMT)
Received: from pps.filterd (prod-mail-ppoint7.akamai.com [127.0.0.1]) by prod-mail-ppoint7.akamai.com (8.17.1.19/8.17.1.19) with ESMTP id 404Dfft7014776; Thu, 4 Jan 2024 10:11:48 -0500
Received: from email.msg.corp.akamai.com ([172.27.50.201]) by prod-mail-ppoint7.akamai.com (PPS) with ESMTPS id 3vafe38d2j-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 04 Jan 2024 10:11:48 -0500
Received: from ustx2ex-dag4mb4.msg.corp.akamai.com (172.27.50.203) by ustx2ex-dag4mb2.msg.corp.akamai.com (172.27.50.201) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.28; Thu, 4 Jan 2024 07:11:48 -0800
Received: from ustx2ex-dag4mb4.msg.corp.akamai.com ([172.27.50.203]) by ustx2ex-dag4mb4.msg.corp.akamai.com ([172.27.50.203]) with mapi id 15.02.1258.028; Thu, 4 Jan 2024 07:11:48 -0800
From: "Salz, Rich" <rsalz@akamai.com>
To: Deb Cooley <debcooley1@gmail.com>
CC: "lloyd.wood@yahoo.co.uk" <lloyd.wood@yahoo.co.uk>, "acme@ietf.org" <acme@ietf.org>
Thread-Topic: [Acme] [Technical Errata Reported] RFC8555 (6950)
Thread-Index: AQHaPwt5P9U4yuvyE0SiIurlYkLsL7DJ9N0A
Date: Thu, 04 Jan 2024 15:11:48 +0000
Message-ID: <119EA69E-AA2D-4BCA-B350-5530F1880043@akamai.com>
References: <20220502083134.BDA48E5311@rfcpa.amsl.com> <CAGgd1OeY01bGe+mgNo-UjjcFyYKGVLaBPgDFOJG1dusE+R9m-Q@mail.gmail.com>
In-Reply-To: <CAGgd1OeY01bGe+mgNo-UjjcFyYKGVLaBPgDFOJG1dusE+R9m-Q@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.80.23121017
x-originating-ip: [172.27.164.43]
Content-Type: multipart/alternative; boundary="_000_119EA69EAA2D4BCAB3505530F1880043akamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-01-04_09,2024-01-03_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxscore=0 adultscore=0 spamscore=0 phishscore=0 suspectscore=0 mlxlogscore=999 malwarescore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2311290000 definitions=main-2401040118
X-Proofpoint-ORIG-GUID: jn3NFJ3DSjiFPyPJ3z9UT1nJhWymrVhU
X-Proofpoint-GUID: jn3NFJ3DSjiFPyPJ3z9UT1nJhWymrVhU
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-01-04_09,2024-01-03_01,2023-05-22_02
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 clxscore=1011 suspectscore=0 mlxlogscore=999 phishscore=0 impostorscore=0 adultscore=0 mlxscore=0 malwarescore=0 priorityscore=1501 spamscore=0 bulkscore=0 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2311290000 definitions=main-2401040119
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/egqVMEFnYHfvgcyc3ZR_JOPJH_g>
Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (6950)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jan 2024 15:11:56 -0000

This seems to me that it is strictly editorial; adding an explanation of how many base64 characters are needed to hold the 128 bits of (binary) entropy.  Don’t we all have that formula memorized? :). Anyhow, IMO purely editorial.

From: Acme <acme-bounces@ietf.org> on behalf of Deb Cooley <debcooley1@gmail.com>
Date: Thursday, January 4, 2024 at 7:42 AM
To: "rlb@ipv.sx" <rlb@ipv.sx>, Jacob Hoffman-Andrews <jsha@eff.org>, James Kasten <jdkasten@umich.edu>
Cc: Roman Danyliw <rdd@cert.org>, Yoav Nir <ynir.ietf@gmail.com>, "lloyd.wood@yahoo.co.uk" <lloyd.wood@yahoo.co.uk>, "acme@ietf.org" <acme@ietf.org>, RFC Errata System <rfc-editor@rfc-editor.org>
Subject: Re: [Acme] [Technical Errata Reported] RFC8555 (6950)

opinions?  Does entropy have to be measured as a base64 encoded value?

Deb

On Mon, May 2, 2022 at 4:31 AM RFC Errata System <rfc-editor@rfc-editor.org<mailto:rfc-editor@rfc-editor.org>> wrote:
The following errata report has been submitted for RFC8555,
"Automatic Certificate Management Environment (ACME)".

--------------------------------------
You may review the report below and at:
https://www.rfc-editor.org/errata/eid6950<https://urldefense.com/v3/__https:/www.rfc-editor.org/errata/eid6950__;!!GjvTz_vk!QYZHDG2KP-f7tJfC6KpmhLaWDwRt8jXtgMp9JYMNYRvHoQq4s7w0cWEeosLoDYccr8uCzak7nrUBk8nP$>

--------------------------------------
Type: Technical
Reported by: Lloyd Wood <lloyd.wood@yahoo.co.uk<mailto:lloyd.wood@yahoo.co.uk>>

Section: GLOBAL

Original Text
-------------
token (required, string):  A random value that uniquely identifies
      the challenge.  This value MUST have at least 128 bits of entropy.

Corrected Text
--------------
token (required, string):  A random value that uniquely identifies
      the challenge.  This value MUST have at least 128 bits of entropy, which in the
      base64url alphabet means a minimum string length of 22 characters if the full
      scope of the base64url alphabet is in use in the token, by:
                        log2(64^22) = 132 bits of entropy



Notes
-----
This standards-track document doesn't specify the string ramifications for entropy; I'd expect it to be called out to implementers, just the once, and then referred to later at other tokens.

If entropy is log2 the number of possible characters (64 if full base64url set of chars is in use) then
log2 (64^21) = 126
log2 (64^22) = 132

so a minimum of 22 characters are needed to get a minimum of 128 bits of entropy in the token.

But, if the random value is specified using a subset of the base64url, say because the implementer doesn't like or use CAPITALS or (most likely) the punctuation symbols, then the token must necessarily be longer to meet the local implementer entropy requirement (though just losing only the punctuation marks means you're still good and meet the requirement with 22 characters). Not sure that matters so much on the wire.

I also have editing nits about base64url being defined clearly in ABNF just for Replay-Nonce:, but then both 'base64 alphabet' and 'base64url alphabet' are in use in the document, and base64url references are to RFC4648 via RFC7515, but those are to Base64url, not to base64url... it all seems a bit inconsistent editingwise. So all the references to 'base64 alphabet' should be to 'base64url alphabet' as defined in the doc, but it should really be 'Base64url alphabet' to be consistent with references?

(I really think that it should have been called 'Base-64_url alphabet' way back when to enphasise the punctuation use, but that ship has sailed.)

To me, 'base64 alphabet' is the a-zA-Z subset of base64... I think the document could be much clearer in this regard, and I hope any doc revisions taking into account all the other errata raised consider this too.

My thanks to Lee Maguire for pointing much of this out.

Instructions:
-------------
This erratum is currently posted as "Reported". If necessary, please
use "Reply All" to discuss whether it should be verified or
rejected. When a decision is reached, the verifying party
can log in to change the status and edit the report, if necessary.

--------------------------------------
RFC8555 (draft-ietf-acme-acme-18)
--------------------------------------
Title               : Automatic Certificate Management Environment (ACME)
Publication Date    : March 2019
Author(s)           : R. Barnes, J. Hoffman-Andrews, D. McCarney, J. Kasten
Category            : PROPOSED STANDARD
Source              : Automated Certificate Management Environment
Area                : Security
Stream              : IETF
Verifying Party     : IESG

v2.23.0 | Report a Bug | By Email