Re: [Acme] ACME signature mechanics

"Manger, James" <James.H.Manger@team.telstra.com> Mon, 08 December 2014 07:15 UTC

From: "Manger, James" <James.H.Manger@team.telstra.com>
To: Richard Barnes <rlb@ipv.sx>
Date: Mon, 08 Dec 2014 18:15:35 +1100
Thread-Topic: [Acme] ACME signature mechanics
Thread-Index: AdAStHwHzfxL5PPwRgSpi3Ok2vOPrgAAV8zw
Message-ID: <255B9BB34FB7D647A506DC292726F6E127D52051C8@WSMSG3153V.srv.dir.telstra.com>
References: <255B9BB34FB7D647A506DC292726F6E127D5205188@WSMSG3153V.srv.dir.telstra.com> <CAL02cgRnJmB4Ea9D38vZhnS4_aRACkieZnPvDaF2AtDTaB8jXA@mail.gmail.com>
In-Reply-To: <CAL02cgRnJmB4Ea9D38vZhnS4_aRACkieZnPvDaF2AtDTaB8jXA@mail.gmail.com>
Accept-Language: en-US, en-AU
Content-Language: en-US
acceptlanguage: en-US, en-AU
Content-Type: multipart/alternative; boundary="_000_255B9BB34FB7D647A506DC292726F6E127D52051C8WSMSG3153Vsrv_"
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/acme/kdKNWaUVJL2v-sIB8BfeDqX47V8
Cc: "acme@ietf.org" <acme@ietf.org>
Subject: Re: [Acme] ACME signature mechanics
Precedence: list

2. Appending ‘path’ to ‘.well-known/acme-challenge’ as part of a simpleHttps challenge (section 6.1) looks dangerous if not done carefully. What if ‘path’ is “../../user/alice/whatever”?

Suggestion: I would be tempted to say: “take the ‘path’ string value, UTF-8 encode it, base64url-encode those bytes, then append to ‘.well-known/acme-challenge’”.

> Good point.  It seems like a simpler solution would just be to require that the "path" value meet a certain ABNF, e.g., the URL-safe base64 alphabet.  The only reason that the client provides the path is to let it avoid collisions if it has multiple validations in progress, so there's not a need for it to be especially expressive.

That might be simpler, but it relies on clients doing input validation on ‘path’. Telling the client to B64 whatever it gets might be just a smidgen safer.

--
James Manger

[Acme] ACME signature mechanics Manger, James
Re: [Acme] ACME signature mechanics Richard Barnes
Re: [Acme] ACME signature mechanics Manger, James
Re: [Acme] ACME signature mechanics Richard Barnes
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Richard Barnes
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Nico Williams
Re: [Acme] ACME signature mechanics Nico Williams
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
Re: [Acme] ACME signature mechanics Nico Williams
[Acme] Integrated with CSR. Re: ACME signature me… Anders Rundgren
Re: [Acme] ACME signature mechanics Trevor Freeman
Re: [Acme] ACME signature mechanics Martin Thomson
Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
Re: [Acme] ACME signature mechanics Nico Williams
Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
Re: [Acme] ACME signature mechanics Nico Williams
Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
Re: [Acme] ACME signature mechanics Trevor Freeman
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
Re: [Acme] ACME signature mechanics Hannes Tschofenig
Re: [Acme] ACME signature mechanics Hannes Tschofenig
Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
Re: [Acme] ACME signature mechanics Hannes Tschofenig
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Trevor Freeman
Re: [Acme] ACME signature mechanics Phillip Hallam-Baker
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Anders Rundgren
Re: [Acme] ACME signature mechanics Martin Thomson
Re: [Acme] ACME signature mechanics Anders Rundgren