IETF Logo Mail Archive

Re: [Acme] Obtaining the Tor hidden service descriptor for draft-ietf-acme-onion

Seo Suchan <tjtncks@gmail.com> Tue, 17 October 2023 03:15 UTC

Return-Path: <tjtncks@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 365FFC151072 for <acme@ietfa.amsl.com>; Mon, 16 Oct 2023 20:15:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.602
X-Spam-Level:
X-Spam-Status: No, score=-1.602 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FROM_LOCAL_NOVOWEL=0.5, HK_RANDOM_ENVFROM=0.001, HK_RANDOM_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UMX9OjgILqKb for <acme@ietfa.amsl.com>; Mon, 16 Oct 2023 20:15:20 -0700 (PDT)
Received: from mail-pl1-x62b.google.com (mail-pl1-x62b.google.com [IPv6:2607:f8b0:4864:20::62b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BDDE4C14CE25 for <acme@ietf.org>; Mon, 16 Oct 2023 20:15:20 -0700 (PDT)
Received: by mail-pl1-x62b.google.com with SMTP id d9443c01a7336-1ca72f8ff3aso10898775ad.0 for <acme@ietf.org>; Mon, 16 Oct 2023 20:15:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1697512520; x=1698117320; darn=ietf.org; h=in-reply-to:autocrypt:from:references:to:content-language:subject :user-agent:mime-version:date:message-id:from:to:cc:subject:date :message-id:reply-to; bh=BwiS7WL/CwM2YGjBCdN7Fc0jWQ8DwTo8JAgStIng0J0=; b=FjwReUV74nAP0sgbBqck+YZ+MAeu4Zj/k+mp6I+5hj9nf0wMK/gjwgtCPqXWoMIEf7 xDP5DHMQdmESiYyDwHCiQ+3Gg2x0h39A2BvBNRln5lxMIhS44VUiAKXacmVS72xAQCjW TbsHog6Jl1YHXepbbag6SGb5hfzvrHKCUM1kEgMyl/JGdkhF7qCwaJejKBKjLpwiw6o2 jjJh3sTGcBFqsevrrfVGP5WtZYOExm3iXfXheYOoSHpn8Z7ZgvrHxMY0Oc2FgXT2ZTyq 1s2WS5iLJPJr45Ht+vmp+s9HcB82ES0qmGOTZ4SZnKRy+J4g8KyASc+BTpg2kfkAuOa6 PXMg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1697512520; x=1698117320; h=in-reply-to:autocrypt:from:references:to:content-language:subject :user-agent:mime-version:date:message-id:x-gm-message-state:from:to :cc:subject:date:message-id:reply-to; bh=BwiS7WL/CwM2YGjBCdN7Fc0jWQ8DwTo8JAgStIng0J0=; b=wancXsTP5maRuaVtPVbmCAQjfXLyQuR2K7DcvsVQ38osPlStQil106evYTZ2XFzgFe KyWJboJTbaB59IyTTOjLoot34uwwbqFq2mglwhiICIEeRyyOq3Y9AhM9n16n9ISRsNFn ak8byv0Sp5+ZExMewQsS5BVvstb80wE1lrb8Ns6xThJHgyzvfJ6uKW4CXAalyk99tXyd 5QTumLaOSDt/igiw483Dgwvp3oL8i8O/oZBREpGyLsv+B3l39RixSvZb9yvbgebvLYbY DragcB/DIGEYqBfv86WKBI/CcVcExygLyq8qWqaMMYVhxD2yJ8OlY7hAW3ZM3dd8Pt1g F5Mw==
X-Gm-Message-State: AOJu0YxEsHAKsNcf7R+4rbDMuqtTxaQzqoAokoiax9D/xPnHK/sEHmtY jobkwM20mPkq49JPK5osoEplw7zJ12qSUd3d
X-Google-Smtp-Source: AGHT+IFnY+AfUvlTELXThSgvFQDDXtowtEsBLkztR41WMMJhbRde3uMLgDchAJ+/Jy4a+nC77n38jQ==
X-Received: by 2002:a17:902:e746:b0:1c9:d3ce:e7d3 with SMTP id p6-20020a170902e74600b001c9d3cee7d3mr1206232plf.4.1697512519708; Mon, 16 Oct 2023 20:15:19 -0700 (PDT)
Received: from [192.168.25.141] ([223.33.44.140]) by smtp.gmail.com with ESMTPSA id p9-20020a170902bd0900b001b8b07bc600sm324986pls.186.2023.10.16.20.15.18 for <acme@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 16 Oct 2023 20:15:19 -0700 (PDT)
Content-Type: multipart/alternative; boundary="------------02y85EzHT4rONnNlJxgsf5Zf"
Message-ID: <f96a266c-a55e-434b-8652-7f9854f643bc@gmail.com>
Date: Tue, 17 Oct 2023 12:15:16 +0900
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: da, en-US
To: acme@ietf.org
References: <CAMEWqGvnrgp=f4eO1nQ9hzzCnY2z-pxE8fyQvHnzTDYCx-jq6A@mail.gmail.com> <ZSWikYeVECjUrLM0@localhost> <CAMEWqGuJMA99nF8QCC+mJS3N1hSu3Gakvh+=bgo5H-VDgK8Z9g@mail.gmail.com> <CAMEWqGvN1n91eNZzZNfPQ89-Xoj-d9f_rPy0t_byneeDhxNStg@mail.gmail.com> <CAMEWqGt-+xxw3amX17Q247L0HiirAz5aDy7YWPFfSDGp5iMH+g@mail.gmail.com>
From: Seo Suchan <tjtncks@gmail.com>
Autocrypt: addr=tjtncks@gmail.com; keydata= xsDNBGN7GSUBDACv4kxByGqR6X+g16a+ZGb/I4ahDx2I8ZSDLro/bdnzeF4sxc50TeQAwk7F gFx9UYj0x5FXZTTkkhk1VysfS/ZRtr9LDJ8ZGrDX/kcyNRYdXbPYwnMd7A6eAS2NEcMpgh1z JEo8WA+rVgSoc7nNdHR8WpCgtuBZs3j08+3LzfSbuCFXNxf/mMU6+1fqBBqkUGb8z1b6Jcmi 9D3PLiVIOnyj5HcNEKKz18gKWr5HrM9MUpRHciTP0Z5/wR/KlEYbb7lI7lSiEM3F5wsPnfDV F52GX1x6d/j8swWech/N6h42mm2MNdU5K17Ob0j+u4X0ZVQjBSNpSYLkgOhIwZ1x2UaMrUbC ouPrCEVOD7bWCyBFYpsiiJ0B/Nauu2G8sJDLpyeH9QA431+XQ5wj2TwTreqC/KpMWc+ikTyt YKmGoLzY93rakDsPw7fXm3Cve2mZ0qBj2XRTClsM/6x0p3ghj4wynA+UJ2N4vJ0V4qILEyAF A+3XGEpN0BtNCWiqO8PwtMMAEQEAAc0eU2VvIFN1Y2hhbiA8dGp0bmNrc0BnbWFpbC5jb20+ wsEHBBMBCAAxFiEExSjWMeUiRmfe1PiS7Lo6Jc7pimkFAmN7GSUCGwMECwkIBwUVCAkKCwUW AgMBAAAKCRDsujolzumKae2rC/9UPZIY36sVDh/fuNs6z7Y4SF8nvfNIkkAdeD891sju2rUd kri3OFUlMGJDLfGjth+ZZPb94CndO+vFql94VyEIiI8q6OGwlNM7L3cntV8vSCo9i8OVsNvM S8PjDlqRqcq/tm0kX9q4ELxQtsBqSgTREVHNb8PTMHn7mPlZIuFkx6H4zGtyQxMmz5TH4rH/ jrW6vtJn+yFwnt8rux0hpOU7UNyA0BmGiJOD44oHgb/knrexJ+KQY4mVf/Bgzuarfqnp3JSB R6HxMk3px+gH/oz35vVTJNqKJN2Lt4Vo/ku1YzyLAjE+wPp+8zJjTEAZyBhxTp9kVci41blw J+PR6GY/JjlVw0mC8Ab8G3uLj5NvOTnP2rbFHmO9ecWNEP/7xN8rQy0s7r8ojJrarj+tZwpk 2AP5QLwLHNKwHwsqPk6+96/c6ANYdflQl8uOvLPAXEayBmbEYo/KownLgp3B41iaIqYCRpVv Fxux/zSK32QCbnTsfHOu/NlRpq4VfXll6SnOwM0EY3sZJgEMAOOp2sC96VCGwDluPA1MTtWS ptbvr2s4MBBCfYIDQAqpW9Zhuaj+tH2Z8OYlgf6U5WouhlaxDrKIrVNn1uFjZFmoC89NmlnQ hEDxzXa8sRzudrxsPrZTagDIOKm/DQW6OUZi9TuduoQ+xHZMpc4H56bueWOzitzNPqogf0D0 z3qu1UUqR1+w+dnoSlV5y75cW6eX9bZeXR9Zqimv2Q/WjPAFphPMG+WD4+kpsPKodQGhArmx WDkM+tu/n/U88vrUnzjCfs+qt69a5lZSGodf/YzkGaeZpXmzX1OIBjVMEe4++6euhWSkS/c7 RZeHVUaebOj9vP713I6iHMiPOOTpvatlxK8gxIsY9gBerEymgtd9JjbWS7mLRt8Inn8A4mIK 9/30R57f33heKZ5xgqxgBdAHmtrh/13bTw0r6Sh/3izQyN+WGjiJqbpSnvuGtqaSB93gbpLK U8Px8VcaWOuY5WKkE2t/rSU5w27Kf72a79LWnSJ+l8jv1fFnhmigkqH0+QARAQABwsD2BBgB CAAgFiEExSjWMeUiRmfe1PiS7Lo6Jc7pimkFAmN7GSYCGwwACgkQ7Lo6Jc7pimkY8Av+OGVS 59yLCXxr5UK3SPZrh8KcyQQdqqpMW7UDse8Fo6shXWL9VAh26gFhfaKo6seAHCeedSDhVvop FkoxpWM+TK8dEMZBD+Xru3gEhQW7lBGn45E0AHPIe/trXDidGRXC4HDJ1Xk8aavfGSBMnc6M nmwm23VjDXppKEhjk+iEUWwiDxzeahV63KkcWIXx/j+IBnXwMi7HkXEK5dVWP9kuM5d8soIb BbEZ2fl4IJNjy+SBWK6/fR+WgxfWLth5f/mIBm1nsF7UUXDjOS5ZR918cKtoK6VZaWZu/N6C aAVD4gZtOZCParum5cMx79ggrfQxOqVCcfmxM43aroOB6bElAe34t+F/cD9bxCVspJ37RsAW dS7rT7WyCfQPlP4Szf4XAQoVdfiszKPUdTCrnvMKHqnPP0JD6SmK67e1uF4gKZKs3X5qOiF6 CQZ+JBWAq4BxoUfqpkuPsD5m82P7eWO66SzztUJp5BJ47wRBdmGyizGb9Hc9ro+61/QeLCtD Yyjs
In-Reply-To: <CAMEWqGt-+xxw3amX17Q247L0HiirAz5aDy7YWPFfSDGp5iMH+g@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/oJcqGYSMFsErR8POuogvS43NMiM>
Subject: Re: [Acme] Obtaining the Tor hidden service descriptor for draft-ietf-acme-onion
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Oct 2023 03:15:25 -0000

not sure giving expiry by client side is meaningful: as we send this at 
finalization step, and as something would be very wrong if one request 
another certificate in 8 hours from last certificate so whatever value 
client may put there will be expired by the time we request: in effect 
it'd be act more like timestamp and if it is I kinda want it to be nonce 
for that certificate finalization explicitly.

2023-10-17 오전 3:10에 Q Misell 이(가) 쓴 글:
> Hi all,
>
> In-band CAA is now implemented on the reference CA at 
> https://acmeforonions.org and in the certbot-onion 
> <https://pypi.org/project/certbot-onion/> plugin.
> draft-ietf-acme-onion-01 has also been published with the in-band CAA 
> spec (refined from my last email from issues that arose during 
> implementation).
>
> Cheers,
> Q
> ------------------------------------------------------------------------
>
> Any statements contained in this email are personal to the author and 
> are not necessarily the statements of the company unless specifically 
> stated. AS207960 Cyfyngedig, having a registered office at 13 
> Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading as Glauca 
> Digital, is a company registered in Wales under № 12417574 
> <https://find-and-update.company-information.service.gov.uk/company/12417574>, 
> LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876 
> <https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №: 
> GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524. South 
> Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a registered 
> office at Lääne-Viru maakond, Tapa vald, Porkuni küla, Lossi tn 1, 
> 46001, trading as Glauca Digital, is a company registered in Estonia 
> under № 16755226. Estonian VAT №: EE102625532. Glauca Digital and the 
> Glauca logo are registered trademarks in the UK, under № UK00003718474 
> and № UK00003718468, respectively.
>
>
>
> On Fri, 13 Oct 2023 at 17:19, Q Misell <q@as207960.net> wrote:
>
>     I've found some time to specify in-band CAA, a quick first draft
>     is in the working draft[1]. Looking forward to hearing people's
>     thoughts.
>
>     [1]:
>     https://as207960.github.io/acme-onion/draft-ietf-acme-onion.html#name-alternative-in-band-present
>     ------------------------------------------------------------------------
>
>     Any statements contained in this email are personal to the author
>     and are not necessarily the statements of the company unless
>     specifically stated. AS207960 Cyfyngedig, having a registered
>     office at 13 Pen-y-lan Terrace, Caerdydd, Cymru, CF23 9EU, trading
>     as Glauca Digital, is a company registered in Wales under №
>     12417574
>     <https://find-and-update.company-information.service.gov.uk/company/12417574>,
>     LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876
>     <https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №:
>     GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524.
>     South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a
>     registered office at Lääne-Viru maakond, Tapa vald, Porkuni küla,
>     Lossi tn 1, 46001, trading as Glauca Digital, is a company
>     registered in Estonia under № 16755226. Estonian VAT №:
>     EE102625532. Glauca Digital and the Glauca logo are registered
>     trademarks in the UK, under № UK00003718474 and № UK00003718468,
>     respectively.
>
>
>
>     On Tue, 10 Oct 2023 at 21:22, Q Misell <q@as207960.net> wrote:
>
>         Hi Silvio,
>
>         Thanks for that info, that's quite helpful.
>
>         I think the idea of allowing the client to just send the CAA
>         lines signed by its key would work well, and remove most if
>         not all of the problems I've been running into.
>         I'll work on implementing that in my draft, and see how
>         difficult it'd be to get that part only working in Boulder (as
>         Let's Encrypt have already indicated that they won't be
>         implementing http-01 and tls-alpn-01 for hidden services).
>
>         Cheers,
>         Q
>         ------------------------------------------------------------------------
>
>         Any statements contained in this email are personal to the
>         author and are not necessarily the statements of the company
>         unless specifically stated. AS207960 Cyfyngedig, having a
>         registered office at 13 Pen-y-lan Terrace, Caerdydd, Cymru,
>         CF23 9EU, trading as Glauca Digital, is a company registered
>         in Wales under № 12417574
>         <https://find-and-update.company-information.service.gov.uk/company/12417574>,
>         LEI 875500FXNCJPAPF3PD10. ICO register №: ZA782876
>         <https://ico.org.uk/ESDWebPages/Entry/ZA782876>. UK VAT №:
>         GB378323867. EU VAT №: EU372013983. Turkish VAT №: 0861333524.
>         South Korean VAT №: 522-80-03080. AS207960 Ewrop OÜ, having a
>         registered office at Lääne-Viru maakond, Tapa vald, Porkuni
>         küla, Lossi tn 1, 46001, trading as Glauca Digital, is a
>         company registered in Estonia under № 16755226. Estonian VAT
>         №: EE102625532. Glauca Digital and the Glauca logo are
>         registered trademarks in the UK, under № UK00003718474 and №
>         UK00003718468, respectively.
>
>
>
>         On Tue, 10 Oct 2023 at 20:14, rhatto <rhatto@torproject.org>
>         wrote:
>
>             On Thu, Sep 07, 2023 at 04:55:51PM +0100, Q Misell wrote:
>             > I've had some discussion recently with the Tor project
>             on implementation
>             > hurdles for draft-ietf-acme-onion. One concern that has
>             been raised by a few is
>             > the need to run a Tor client to validate requests, even
>             with onion-csr-01, due
>             > to the inclusion of CAA in the draft.
>
>             Hi Q, and thanks for bringing this up.
>
>             > One solution proposed to this is that the ACME client
>             MAY[1] send the hidden
>             > service descriptor to CA as part of the finalize
>             request. The CA also MAY
>             > require this, if they do not wish to run a Tor client.
>             This, to my knowledge,
>             > wouldn't reduce the security of the validation of CAA,
>             as the descriptor
>             > document is still cryptographically validated in the
>             same way using the current
>             > network consensus. Additionally the directory
>             authorities that serve
>             > descriptors are already non-trusted actors in Tor.
>             >
>             > The CA would still need a copy of the network consensus
>             document to verify
>             > the descriptor submitted by the client. Most directory
>             authorities however
>             > are reachable over standard HTTP over TCP, in addition
>             to HTTP over Tor.
>             > This would allow the CA to fetch the current consensus
>             without any
>             > connection to Tor. The consensus fetched this way would
>             still be verified
>             > against the trusted directory authorities of Tor[2].
>
>             Specifically, the "valid-after", "fresh-until", and
>             "hsdir_interval" are
>             the only consensus items needed to parse, decrypt and
>             validate an Onion
>             Service descriptor.
>
>             > What are people's thoughts on this, and more
>             importantly, what problems do
>             > people see with this?
>
>             After a lengthy discussion with Tor developers, we suggest
>             the following
>             options, prioritizing the least complex:
>
>             0. ACME clients MAY send "valid-after", "fresh-until" and
>             "hs_interval"
>                along with the descriptor, which would allow the ACME
>             Server to verify
>                CAA in a stateless way, without bootstrapping Tor to
>             fetch the
>                descriptor and without fetching the network consensus.
>
>             1. Only the descriptor is sent by the ACME client, so the
>             ACME server would
>                need to fetch and cache the network consensus.
>
>             2. The ACME client does not send the descriptor, leaving
>             to the ACME server
>                the job of fetching it, as stated on
>             draft-ietf-acme-onion-00.
>
>             For options 0 and 1 above, there are two ways that a
>             consensus (or just the
>             needed items) can be fetched either by ACME clients or
>             servers:
>
>             a. Through the Tor network, from one of many directory caches.
>
>                As this involves bootstrapping Tor, it makes more sense
>             for ACME
>                clients to do this fetching, as clients are probably
>             already connected
>                to Tor in order to run an Onion Service or to make the
>             ACME request
>                through Tor.
>
>             b. Doing HTTP over TCP, or HTTP over Tor to the directory
>             authorities.
>
>                While this is supported nowadays, it's not guaranteed
>             to work in the
>                long term, since this method is deprecated in favor of
>             the approach
>                above, and DirAuths may even stop serving the consensus
>             directly by HTTP
>                at some point.
>
>                This also requires checking the DirAuths' signatures in
>             the consensus
>                document.
>
>             > Should this be incorporated into the draft?
>
>             Yes, we support this idea, but also note that, despite
>             parsing and
>             validating an .onion descriptor being relatively
>             straightforward, it
>             involves more code to be maintained.
>
>             We understand that signed CAA parameters could be accepted
>             directly in
>             an ACME API request without reducing security and the need
>             to process an
>             entire descriptor.
>
>             -- 
>             Silvio Rhatto
>             pronouns he/him
>             _______________________________________________
>             Acme mailing list
>             Acme@ietf.org
>             https://www.ietf.org/mailman/listinfo/acme
>
>
> _______________________________________________
> Acme mailing list
> Acme@ietf.org
> https://www.ietf.org/mailman/listinfo/acme

v2.23.0 | Report a Bug | By Email