IETF Logo Mail Archive

Re: [Acme] Happy Birthday ACME!

Aaron Gable <aaron@letsencrypt.org> Mon, 11 March 2024 22:54 UTC

Return-Path: <aaron@letsencrypt.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2C718C14CE42 for <acme@ietfa.amsl.com>; Mon, 11 Mar 2024 15:54:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=letsencrypt.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SfLJItBHFwiJ for <acme@ietfa.amsl.com>; Mon, 11 Mar 2024 15:54:24 -0700 (PDT)
Received: from mail-oa1-x33.google.com (mail-oa1-x33.google.com [IPv6:2001:4860:4864:20::33]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C7EDBC14F6FE for <acme@ietf.org>; Mon, 11 Mar 2024 15:54:24 -0700 (PDT)
Received: by mail-oa1-x33.google.com with SMTP id 586e51a60fabf-21ffac15528so2406428fac.0 for <acme@ietf.org>; Mon, 11 Mar 2024 15:54:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=letsencrypt.org; s=google; t=1710197664; x=1710802464; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=fk2oFG/kCwZSfQ2wiW9y5BTxbfcKYJTMBi48tN2JHzw=; b=GtW6H+f2Q5Di+SiLnZXVKmoG/VnQ8pLPRczmflIBu+pOrqKIXNW/Cxy6z7FIOvX/zg BsdnDHUj8ZgQRo7ku5d3+FGWQOPpDZekAjOW6ABL9NpZY7YVsCwhU252a3rvGZ96PbCY eLtSTHsLKKiuCUWvdnJf1K2reLUehSjMOqZMM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710197664; x=1710802464; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=fk2oFG/kCwZSfQ2wiW9y5BTxbfcKYJTMBi48tN2JHzw=; b=Pp4+oSr20uzlOTW8Wm6PFFQqjGVg/Wfk+8O6TieXYUniIK7etHjfsCATpDTyzft3O5 k9dbKpDzjpx7NTMmxkOi67g7Fpsq6zbLAupohrrhWms//07LRLQoQQwohB0bWIOwngOn jSRY4E7W7p9JzIzcPPct7tMqYsXCW4lzflIxYd8CJB27/ZU40Os8/Vp8BU692rgJDO+j UcUaXc5FVCBsaxR/dZDUcWFED4dsPIhZaiOpEq9QSQFEPTyig+9H2I2zwqrnJH/byVju UZnZEscmQ1LSgtWnB6bmYeFxAWaCRMaKEw9oqHiKQsZf2P9npoOY1ot9vG7TY+n9In+s Y+Rg==
X-Gm-Message-State: AOJu0YyMLH8/VXhqWXDIkGuGJTV6VpZLaXX8FAGxKRO9b6Ge8ElAhSHS 5NaDUqLkvAM/rwKslj7Oz7LhbElgho7fNML+0FRpAcdHn4E5fNy/ss9j+GxqbLoW0EOPaSBayZo LMlXjxRWh6SFD1Z4kYE/28lys/FEGG14QkVT5xpytNBa31qLV
X-Google-Smtp-Source: AGHT+IFsgsh2XRmeZXUy9puw3XQikrAYt8z15kw7ueJZ+GpBV/84WAl7hZxnIWYTq4mlIT1FvR/+bayBLw178ePYxkg=
X-Received: by 2002:a05:6871:520a:b0:21e:6669:c3b4 with SMTP id ht10-20020a056871520a00b0021e6669c3b4mr9174307oac.35.1710197663963; Mon, 11 Mar 2024 15:54:23 -0700 (PDT)
MIME-Version: 1.0
References: <MW4PR17MB4729CE648A221338301FF016AA242@MW4PR17MB4729.namprd17.prod.outlook.com>
In-Reply-To: <MW4PR17MB4729CE648A221338301FF016AA242@MW4PR17MB4729.namprd17.prod.outlook.com>
From: Aaron Gable <aaron@letsencrypt.org>
Date: Mon, 11 Mar 2024 15:54:13 -0700
Message-ID: <CAEmnErf6Sde_Vn1dRadZLV3u18-6FUFc3QeZspjJ=2ACPDCs6w@mail.gmail.com>
To: Rob Stradling <rob=40sectigo.com@dmarc.ietf.org>
Cc: "acme@ietf.org" <acme@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000041bc7f06136a6cdf"
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/jYEq6cFLeJdRZQ9EnAOWTOBk2bY>
Subject: Re: [Acme] Happy Birthday ACME!
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 11 Mar 2024 22:54:29 -0000

Happy birthday, RFC8555!

I've thought frequently about the idea of an ACME-bis over the last few
years. I have a note going since at least 2022 which I occasionally add new
ideas to, and I've had a few offline conversations with others about
their wishlists. At the end of the day, I think only two of the changes I'd
like to make are backwards-incompatible:

1. All URLs (new-order, authorizations, challenges, finalize, etc) should
be constructable just from the ACME server's root path and an ID, rather
than requiring the Directory to list all the top-level endpoints, and for
order objects to list all the authorization and certificate URLs. To the
best of my understanding, the ACME API URLs are completely unspecified due
to an overly-strict reading of an older IETF best-practice which said that
RFCs should not mandate path structure on servers. But it turns out that,
as long as the server gets to pick the root path however it wants, it's
totally fine to mandate structure below that root path. We should do so.

2. I think it is unfortunate that the finalize request includes a CSR. This
requires ACME client implementations to have x509/ASN.1/DER encoding
capabilities, and incentivizes server implementations to take the lazy
route (copying values straight from the CSR to the issued certificate)
instead of being very careful and intentional with the values in the issued
cert. The only advantages of the CSR are that it acts as a container for
the pubkey, and that it can carry additional information (such as requests
for extensions) that the server might honor. Both of these can be replaced
by, in my opinion, cleaner mechanisms.

Everything else that I'd love to include in an ACME-bis could be done as
add-on documents without obsoleting 8555 itself:

3. Profile advertisement in the Directory, and profile selection in the
new-order request. (Unless we wanted to replace the current
notBefore/notAfter fields, in which case this also becomes a
backwards-incompatible change.)
4. Presenting the desired pubkey at new-order time, and implementing true
proof-of-control via the same authorization/challenge system as ACME
provides for other information (identifiers) to be included in the
certificate. (Notably, using the challenge system for this also allows for
demonstrating proof of control over KEM pubkeys which cannot produce
traditional signatures, which may be important in the post-quantum
cryptography era.)

As for incorporating other existing documents (such as TLS-ALPN-01,
ACME-IP, ACME CAA, etc), I'm truly not sure what the best practice is. I
think they should probably be left as-is as long as they're compatible with
a hypothetical ACME-bis, and incorporated directly into ACME-bis if they
would become incompatible with it. (For example, ACME-IP could be left
untouched, as it simply registers a new identifier type, while RFC 9115
ACME Delegated Certificates would likely need to be updated due to its
heavy reliance on the CSR.)

Thanks for starting this discussion!
Aaron

On Mon, Mar 11, 2024 at 2:08 PM Rob Stradling <rob=
40sectigo.com@dmarc.ietf.org> wrote:

> RFC8555 was published [1] 5 years ago today!
>
> Just thinking aloud, 'cos I'm curious what folks here think...
> At what point might it make sense to start work on an 8555-bis?
>
> There's a fairly long list of Errata [2]: 10 Verified, 5 Reported, and 4
> Held for Document Update.
>
> Would it make sense for an 8555-bis document to incorporate and obsolete
> any of the "add-on" RFCs / I-Ds, such as RFC8738, that have been published
> since RFC8555?  Or, conversely, would it be preferable to not do that?
>
> With 5 years of deployment experience behind us, have any "missing"
> features in RFC8555 been identified that would be best addressed by
> updating the core specification (i.e., in an 8555-bis document) rather than
> by writing new "add-on" I-Ds?  Or, conversely, are "add-on" I-Ds always the
> preferred approach?  (The "missing" feature that immediately springs to my
> mind is "profiles" [3]).
>
>
> [1]
> https://mailarchive.ietf.org/arch/msg/rfc-dist/25pD6Za_dVkXMbJwyPhBJR6nIlo/
> [2] https://www.rfc-editor.org/errata_search.php?rfc=8555
> [3]
> https://mailarchive.ietf.org/arch/msg/acme/BLVAayrTrUCegT4s2twci3Q2BY8/
>
> --
> Rob Stradling
> Senior Research & Development Scientist
> Sectigo Limited
>
> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme
>

v2.23.0 | Report a Bug | By Email