Re: [Acme] kinds of proof

Eric Mill <> Sun, 30 November 2014 06:30 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 1B2A91A0242 for <>; Sat, 29 Nov 2014 22:30:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id aiBQ-dGiAe5c for <>; Sat, 29 Nov 2014 22:30:54 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id BDEA11A0078 for <>; Sat, 29 Nov 2014 22:30:54 -0800 (PST)
Received: from (unknown []) by (Postfix) with ESMTP id 94289229EE for <>; Sun, 30 Nov 2014 01:30:52 -0500 (EST)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed;; h=mime-version :in-reply-to:references:from:date:message-id:subject:to:cc :content-type; s=sasl; bh=16qjeSEhblRYdwPHH8hhiqKBx58=; b=iT7fqN Ynmi0Im/0ZE63ISqQZEANLtDlRorg2kruc/EiGzUQboHaX65eZd7UrmEsZ/w1U5S Vbi3l+3ISodNn2Q0jrpsdf+TvbjzY2kyEP3gYs7UxE8LXmy7NmJRe0oJagmyASSQ ONGC9QsWtbIcfJO1ntQ3NHfBaXFh0s6kiFPFg=
Received: from (unknown []) by (Postfix) with ESMTP id 8AE6D229ED for <>; Sun, 30 Nov 2014 01:30:52 -0500 (EST)
Received: from (unknown []) (using TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id 059D3229EB for <>; Sun, 30 Nov 2014 01:30:51 -0500 (EST)
Received: by with SMTP id e131so6154307oig.38 for <>; Sat, 29 Nov 2014 22:30:51 -0800 (PST)
X-Received: by with SMTP id u203mr30354049oia.54.1417329051060; Sat, 29 Nov 2014 22:30:51 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Sat, 29 Nov 2014 22:30:09 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <>
From: Eric Mill <>
Date: Sun, 30 Nov 2014 01:30:09 -0500
Message-ID: <>
To: Paul Hoffman <>
Content-Type: multipart/alternative; boundary=001a113e3e2e9e515505090da2b3
X-Pobox-Relay-ID: 6E444C5C-785A-11E4-A823-42529F42C9D4-82875391!
Subject: Re: [Acme] kinds of proof
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 30 Nov 2014 06:30:57 -0000

On Sat, Nov 29, 2014 at 10:29 PM, Paul Hoffman <>

> On Nov 29, 2014, at 2:11 PM, Viktor Dukhovni <>
> wrote:
> > Sure, and the domain owner can field servers on whatever port he/she
> > wishes after demonstrating control over the domain, which to me
> > means control over the DNS (be it direct, or indirect via whoever
> > administers the DNS).
> I think this will have to be an "agree to disagree" situation. The Let's
> Encrypt promotional material indicates that they want to get more HTTPS out
> in the world, so they need to deal with the huge number of folks who use
> hosting companies and thus have no DNS control. I believe that is a great
> goal.

I agree with your assessment of LE's goal, and with the goal itself, but
aren't hosting companies themselves a meaningful target audience for ACME
and expanding HTTPS?

Anything that's in charge of your domain's DNS, or to whom you've delegated
control, should also be able to automate the provisioning of a free
certificate for you. No one's disputing that. So even if ACME did not prove
domain ownership by checking port 80, there'd be reason to believe it would
expand the playing field, if hosting companies found offering free
certificates a competitive feature.

That all said, I just read through the ACME draft spec[1], and none of the
listed proof-of-ownership methods involved just checking a path on port 80.

The HTTP-based proof mechanisms function by fetching a well-known URI over
port 443, and ensuring that a *valid self-signed certificate* is used to
make the connection and display the correct response. That self-signed cert
needs to use the same keypair that the server is attempting to validate for
use in making the CA-signed certificate.

That's smart, and completely removes concerns over things like
user-generated content hijacking a URI for someone else's server. To prove
you own a server without owning its DNS, you need to be able to generate a
keypair on the box and tell a webserver to use it -- the exact same control
you'd need to use Let's Encrypt in the first place -- and nothing less.

-- Eric


> --Paul Hoffman
> _______________________________________________
> Acme mailing list

-- | @konklone <>