IETF Logo Mail Archive

Re: [Acme] SNI extension for tls-alpn-01 challenge in draft-ietf-acme-ip-05

Michael Richardson <mcr+ietf@sandelman.ca> Tue, 23 April 2019 20:28 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8109D120123 for <acme@ietfa.amsl.com>; Tue, 23 Apr 2019 13:28:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zLLTRnKcyMX1 for <acme@ietfa.amsl.com>; Tue, 23 Apr 2019 13:28:49 -0700 (PDT)
Received: from relay.sandelman.ca (relay.cooperix.net [176.58.120.209]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B8051200E9 for <acme@ietf.org>; Tue, 23 Apr 2019 13:28:48 -0700 (PDT)
Received: from dooku.sandelman.ca (unknown [75.98.19.133]) by relay.sandelman.ca (Postfix) with ESMTPS id 235181F457; Tue, 23 Apr 2019 20:28:47 +0000 (UTC)
Received: by dooku.sandelman.ca (Postfix, from userid 179) id E42DB3B51; Tue, 23 Apr 2019 16:28:46 -0400 (EDT)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: Ryan Sleevi <ryan-ietf@sleevi.com>
cc: "acme@ietf.org" <acme@ietf.org>
In-reply-to: <CAErg=HH2NqHH-+AUAXvMWBrmhOPH=86twOkr=b=F0TduB45KSw@mail.gmail.com>
References: <MN2PR18MB28457CCBEF6FFE2B70E286FCC3250@MN2PR18MB2845.namprd18.prod.outlook.com> <CAErg=HGYuRc+tOBwRedx5a9tnH9iVm3bfWYhfXeiHCgcvp8gMA@mail.gmail.com> <MN2PR18MB2845DBA634A0BC648222C627C3230@MN2PR18MB2845.namprd18.prod.outlook.com> <CAErg=HG=LgqDxZ8QxVSAq2K6MsKJX36o6O7v0ojS3rsgUXuHVw@mail.gmail.com> <24216.1556044089@dooku.sandelman.ca> <CAErg=HH2NqHH-+AUAXvMWBrmhOPH=86twOkr=b=F0TduB45KSw@mail.gmail.com>
Comments: In-reply-to Ryan Sleevi <ryan-ietf@sleevi.com> message dated "Tue, 23 Apr 2019 14:43:07 -0400."
X-Mailer: MH-E 8.6; nmh 1.6; GNU Emacs 24.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha256"; protocol="application/pgp-signature"
Date: Tue, 23 Apr 2019 16:28:46 -0400
Message-ID: <32047.1556051326@dooku.sandelman.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/pz57bSIM7H-CTbmjO_IlElumitA>
Subject: Re: [Acme] SNI extension for tls-alpn-01 challenge in draft-ietf-acme-ip-05
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Apr 2019 20:28:51 -0000

Ryan Sleevi <ryan-ietf@sleevi.com> wrote:
    > Now, the system can already dispatched based on hostname, ensuring that
    > good.example sessions are served Customer A's response, and
    > evil.example sessions are served Customer B's response. The issue is
    > whose response is served when there is no SNI? Under a TLS-ALPN (no-ip)
    > model, there's no restrictions or requirements there; you could serve
    > Customer A, customer B, or neither - and none would undermine the
    > security of TLS-ALPN (as a validation method) or of the security
    > properties you're trying for.

okay, I'm with you so far.

    > In a world where IPs were possible to be validated using TLS-ALPN, and
    > the information omitted from the request, if evil.example/Customer B
    > can serve a certificate that confirms the response for 10.0.0.2, then
    > they could get a certificate for Customer A's IP.

To do this requires that the cloud provider make a clear decision about what
they are going to do with SNI-less requests above.    I feel that the cloud
provider did something wrong here.

    > In a world where we include the to-be-validated IP in the request, and
    > the Cloud Provider is observing the security invariants required for
    > TLS-ALPN (that any hostnames to be validated have been successfully
    > authenticated as belonging to the customer in question), then Customer
    > B would have to demonstrate control, to the provider, over
    > 2.0.0.10.in-addr.arpa in order to get such a certificate.

I see.

-- 
]               Never tell me the odds!                 | ipv6 mesh networks [ 
]   Michael Richardson, Sandelman Software Works        | network architect  [ 
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [

v2.23.0 | Report a Bug | By Email