Re: [Acme] On multiple CAs and contact-based recovery
Ron <ron@debian.org> Thu, 24 March 2016 09:42 UTC
Return-Path: <ron@debian.org>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5D8312D669 for <acme@ietfa.amsl.com>; Thu, 24 Mar 2016 02:42:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M12f1__plY0F for <acme@ietfa.amsl.com>; Thu, 24 Mar 2016 02:42:45 -0700 (PDT)
Received: from ipmail05.adl6.internode.on.net (ipmail05.adl6.internode.on.net [150.101.137.143]) by ietfa.amsl.com (Postfix) with ESMTP id 23E9312D14B for <acme@ietf.org>; Thu, 24 Mar 2016 02:42:44 -0700 (PDT)
Received: from ppp14-2-14-167.lns21.adl2.internode.on.net (HELO mailservice.shelbyville.oz) ([14.2.14.167]) by ipmail05.adl6.internode.on.net with ESMTP; 24 Mar 2016 20:12:44 +1030
Received: from localhost (localhost [127.0.0.1]) by mailservice.shelbyville.oz (Postfix) with ESMTP id 6CE5BFFD85; Thu, 24 Mar 2016 20:12:43 +1030 (ACDT)
X-Virus-Scanned: Debian amavisd-new at mailservice.shelbyville.oz
Received: from mailservice.shelbyville.oz ([127.0.0.1]) by localhost (mailservice.shelbyville.oz [127.0.0.1]) (amavisd-new, port 10024) with LMTP id O2gusKoxEjsk; Thu, 24 Mar 2016 20:12:40 +1030 (ACDT)
Received: from hex.shelbyville.oz (hex.shelbyville.oz [192.168.1.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mailservice.shelbyville.oz (Postfix) with ESMTPS id 8E02CFF96C; Thu, 24 Mar 2016 20:12:40 +1030 (ACDT)
Received: by hex.shelbyville.oz (Postfix, from userid 1000) id 7A86780470; Thu, 24 Mar 2016 20:12:40 +1030 (ACDT)
Date: Thu, 24 Mar 2016 20:12:40 +1030
From: Ron <ron@debian.org>
To: Martin Thomson <martin.thomson@gmail.com>
Message-ID: <20160324094240.GJ15641@hex.shelbyville.oz>
References: <B594A7FA-1F8B-489C-8A7D-328BCD60C79A@inria.fr> <CABkgnnVL2z1vR_ii_+0C0jwU9DVW8NWe5FsAbC3P_-o1V2sjEQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CABkgnnVL2z1vR_ii_+0C0jwU9DVW8NWe5FsAbC3P_-o1V2sjEQ@mail.gmail.com>
User-Agent: Mutt/1.5.23 (2014-03-12)
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/pY02qn9hf_30nf7a_P3X7ddhzxQ>
Cc: Karthik Bhargavan <karthikeyan.bhargavan@inria.fr>, "acme@ietf.org" <acme@ietf.org>
Subject: Re: [Acme] On multiple CAs and contact-based recovery
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Mar 2016 09:42:48 -0000
On Thu, Mar 24, 2016 at 04:45:06PM +1100, Martin Thomson wrote: > On 24 March 2016 at 09:33, Karthik Bhargavan > <karthikeyan.bhargavan@inria.fr> wrote: > > Emails with clickable links are *BAD*; we should enhance their security by > > linking them better with > > the ACME account key. > > FWIW, I think that a clickable link could be possible, it just > wouldn't be able to point to the server. If, as you suggest, the > point is to give the ACME client a fresh secret, then the link could > be changed from: > > https://acme.server.example/recover/<secret> > > to > > acme:recover:<secret> Personally, I like the idea of moving best practice away from clickable links in plaintext email ... But if integration with existing email infrastructure is desirable, the other option to consider there might be PGP/MIME. The downside is you add yet another key to manage and all the things which come with that. The upsides are, we get to reinvent fewer wheels, we can have end to end security for the email exchange (to the point where the entire exchange could be a signed and encrypted reply to the challenge email), and the 'exceptional' recovery mechanism requires proof of ownership of a key which can be kept entirely separate from the normal 'day to day' use of an acme client - and which might be more likely to be protected by a strong passphrase than the keys used for automated acme renewals. (maybe the reason I lost my account key and need to recover is that someone broke in and stole the machine it was on, so having something which can trump that to let me recover and revoke it does seem like a desirable thing in its own right - but that then poses the problem of what proof do I need to show to securely change my trump card ...) In theory, the server and client keys could also be cross-signed, but that probably doesn't scale to having 7 billion signatures on the server key :) All the client would need to do is publish their PGP key on a keyserver and add the fingerprint of that key as part of their contact details. But that said, I do also like the simplicity of making this congruent with the account roll-over process. > Most operating systems understand how to invoke local software in > response to that and your proposed flow behaves much the same from a > user perspective. > > That isn't *as* good as your proposal, I don't think, but it might > have some usability advantages. The main downside I see to this, is that if I need to fully automate the acme client to perform certificate renewals every few weeks, then it's unlikely to be running on the same machine where I read email. Ideally it's going to be running in a sandbox that has very limited access to or from anything but the acme server, the machines where certificates need to be deployed, and the people who are authorised to administer it. If I was going to add a way to allow people to perform admin actions on it via email, it probably would be by having them send PGP signed control messages to it ... Ron
- [Acme] On multiple CAs and contact-based recovery Karthik Bhargavan
- Re: [Acme] On multiple CAs and contact-based reco… Ted Hardie
- Re: [Acme] On multiple CAs and contact-based reco… Karthik Bhargavan
- Re: [Acme] On multiple CAs and contact-based reco… Stephen Farrell
- Re: [Acme] On multiple CAs and contact-based reco… Martin Thomson
- Re: [Acme] On multiple CAs and contact-based reco… Ron
- Re: [Acme] On multiple CAs and contact-based reco… Richard Barnes
- Re: [Acme] On multiple CAs and contact-based reco… Richard Barnes
- Re: [Acme] On multiple CAs and contact-based reco… Ron
- Re: [Acme] On multiple CAs and contact-based reco… Ron
- Re: [Acme] On multiple CAs and contact-based reco… Karthik Bhargavan