Re: [Acme] Adam Roach's Discuss on draft-ietf-acme-acme-14: (with DISCUSS and COMMENT)

"Salz, Rich" <rsalz@akamai.com> Thu, 30 August 2018 15:51 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/nZal4UoS-dhyhflhOqMcWRTb2ak>

It appears that we missed a security issue.

Please take a look at the PR mentioned below.  It removes many GET requests and turns them into POST so that the client payload can have authentication information.

If you object to this change, please post a note to the list and explain why.  Try to do that within a week.

Thanks.

From: Richard Barnes <rlb@ipv.sx>
Date: Thursday, August 30, 2018 at 11:42 AM
To: Adam Roach <adam@nostrum.com>
Cc: "felix=40fontein.de@dmarc.ietf.org" <felix=40fontein.de@dmarc.ietf.org>, "acme@ietf.org" <acme@ietf.org>
Subject: Re: [Acme] Adam Roach's Discuss on draft-ietf-acme-acme-14: (with DISCUSS and COMMENT)

My preference here would be for approach (1).  I appreciate that it's a big change to make this late in the process, but that's the price we pay for missing a pretty significant issue up until now.  For existing implementations, the code impact should be modest, as long as they have been architected to isolate fetch logic (i.e., they have a get() method that you could just change to do the right POST thing).  And as long as we don't *forbid* responding to GET requests, servers can support both options for the time being.

To illustrate what change we'd need to make, I went ahead and wrote up a PR:

https://github.com/ietf-wg-acme/acme/pull/445
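Added example, not code from the PR or from either author: a sketch of the GET-to-POST change discussed above, showing what a client's get() helper would send instead of a bare GET (a JWS over an empty payload, bound to the account key, a nonce and the URL) and the check a server can then make before serving the resource. It assumes ES256 account keys and the flattened JWS serialization; PostAsGet, Verify and the ca.example URLs are placeholders.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
)

var b64 = base64.RawURLEncoding

// PostAsGet is what a client's get() helper sends instead of a bare GET: a flattened
// JWS over an empty payload, bound to the account (kid), a fresh nonce and the exact URL.
func PostAsGet(key *ecdsa.PrivateKey, kid, nonce, url string) (map[string]string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "ES256", "kid": kid, "nonce": nonce, "url": url})
	protected := b64.EncodeToString(hdr)
	digest := sha256.Sum256([]byte(protected + ".")) // signing input: protected, ".", empty payload
	r, s, err := ecdsa.Sign(rand.Reader, key, digest[:])
	if err != nil {
		return nil, err
	}
	sig := make([]byte, 64) // ES256 signature is raw r||s, 32 bytes each
	r.FillBytes(sig[:32])
	s.FillBytes(sig[32:])
	return map[string]string{"protected": protected, "payload": "", "signature": b64.EncodeToString(sig)}, nil
}

// Verify is the server's check before serving the resource: the JWS must verify under the
// account key and name this URL and the nonce it issued, which is the proof a plain GET lacks.
func Verify(pub *ecdsa.PublicKey, jws map[string]string, wantURL, wantNonce string) bool {
	raw, err1 := b64.DecodeString(jws["protected"])
	sig, err2 := b64.DecodeString(jws["signature"])
	var hdr map[string]string
	if err1 != nil || err2 != nil || len(sig) != 64 || json.Unmarshal(raw, &hdr) != nil {
		return false
	}
	if jws["payload"] != "" || hdr["alg"] != "ES256" || hdr["url"] != wantURL || hdr["nonce"] != wantNonce {
		return false
	}
	digest := sha256.Sum256([]byte(jws["protected"] + "." + jws["payload"]))
	return ecdsa.Verify(pub, digest[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:]))
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	jws, _ := PostAsGet(key, "https://ca.example/acct/1", "nonce-1", "https://ca.example/order/7")
	fmt.Println("accepted:", Verify(&key.PublicKey, jws, "https://ca.example/order/7", "nonce-1"))
}
```

A real server would also mark the nonce as consumed after a successful check; here it is only compared against the value the server expects, and the account key lookup by kid is left out.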