IETF Logo Mail Archive

Re: [Acme] ACME signature mechanics

Phillip Hallam-Baker <phill@hallambaker.com> Wed, 17 December 2014 22:54 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1BE3C1A8778 for <acme@ietfa.amsl.com>; Wed, 17 Dec 2014 14:54:13 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.277
X-Spam-Level:
X-Spam-Status: No, score=-1.277 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ufdKKepvY6GE for <acme@ietfa.amsl.com>; Wed, 17 Dec 2014 14:54:11 -0800 (PST)
Received: from mail-la0-x229.google.com (mail-la0-x229.google.com [IPv6:2a00:1450:4010:c03::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 413DD1A8771 for <acme@ietf.org>; Wed, 17 Dec 2014 14:54:11 -0800 (PST)
Received: by mail-la0-f41.google.com with SMTP id hv19so47229lab.0 for <acme@ietf.org>; Wed, 17 Dec 2014 14:54:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=Udh2MOK01MhMCyqwu/Z+agjazOqk66benkwBodb+EaU=; b=eTDClmmUqDuXbZDTJJkURC9puL0L1RzSr21vzBhA3LB9uhQ7tQqfDF2lj7TSrGaZq5 kX7YCgtDhyGcufSs8xhDYjk6edcUrE+ChVU9ywpMFxAFUPrD6i685YF5wXmVKFOuWBjt V3Jd0Ty3wn6WSbuwH8OQ30h/09a2/Cy1oCpq6hbw0yYgJe68fm0bus8bCwJxD+FRhwxO //5RJqgkqs1bygUBoCb5TjGtjYykcwdnQJf9qkZqSQ7ww+LjpNvouYQsaCOCTGhu+YfM VOfC9PFkNnGiCztciY/ynd5Aj9FW8AtT2U1/PQqdnxWijiBZDyyJ9D8ybId415DzFoGG C9Fw==
MIME-Version: 1.0
X-Received: by 10.152.8.225 with SMTP id u1mr41429684laa.21.1418856849762; Wed, 17 Dec 2014 14:54:09 -0800 (PST)
Sender: hallam@gmail.com
Received: by 10.112.19.42 with HTTP; Wed, 17 Dec 2014 14:54:09 -0800 (PST)
In-Reply-To: <20141217222309.GD3241@localhost>
References: <548FF9E3.1020703@gmail.com> <CAL02cgT9iYqtX2Ui5XQYnj=yeF_QnSkKn-jE0D5d56WMzB5bBg@mail.gmail.com> <CAMm+LwjwG0dPTkByu5WZ_ev3xNxAMwunoc-A_VK4sKPSZXRYDw@mail.gmail.com> <20141217171915.GX3241@localhost> <CAMm+LwjRk_skCW4bJ607YzeVrCN71o=p4gmzy0koYty-J7L2yQ@mail.gmail.com> <20141217222309.GD3241@localhost>
Date: Wed, 17 Dec 2014 17:54:09 -0500
X-Google-Sender-Auth: vJZYuV-wZ6QbHrIyBVqmvUIaoBo
Message-ID: <CAMm+LwjJ4RBVwggPCoyE41hbkASoGWy1_GquS76o2O5T7KauaA@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
To: Nico Williams <nico@cryptonector.com>
Content-Type: multipart/alternative; boundary="089e0158b79e847275050a715aa9"
Archived-At: http://mailarchive.ietf.org/arch/msg/acme/qGzk66q_ISIIPaarsLQi6u3ciCE
Cc: Richard Barnes <rlb@ipv.sx>, "acme@ietf.org" <acme@ietf.org>, Anders Rundgren <anders.rundgren.net@gmail.com>
Subject: Re: [Acme] ACME signature mechanics
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Dec 2014 22:54:14 -0000

On Wed, Dec 17, 2014 at 5:23 PM, Nico Williams <nico@cryptonector.com>
wrote:
>
> On Wed, Dec 17, 2014 at 03:28:27PM -0500, Phillip Hallam-Baker wrote:
> > On Wed, Dec 17, 2014 at 12:19 PM, Nico Williams <nico@cryptonector.com>
> > wrote:
> > >
> > > On Wed, Dec 17, 2014 at 12:02:10PM -0500, Phillip Hallam-Baker wrote:
> > >
> > > That does leave two open issues to be decided though:
> > > >
> > > > 1 Should the signature header be part of the HTTP header or the
> payload?
> > >
> > > The payload.  And then you've created a new MIME type.
> >
> >
> > *message/rfc822*
>
> I guess that works.
>
> > In fact we could even make both the header and the payload portion JSON
> > encoded and then just use the JSON list spec to put them both in the same
> > wrapper. The only hard part here is that we have a sequence of octets and
> > we need to unambiguously specify exactly where the dividing line is
> between
> > them:
>
> Might as well just have a single JSON value wrapping both (or a JSON
> text sequence!), but whatever.


No, not at all. At every layer in the stack we have a separation of
Header/Payload. And the Payload for one layer contains the Header and
Payload for the one above.

If the architecture was clean we would have this pattern all the way up the
stack. But instead we have rather a lot of places where things are
confused. and intertwingled. HTTP being especially bad as part of the
header is application protocol and part is message content.


Where this becomes a problem is when trying to sign stuff. I want the scope
of the signature to be exactly the scope of the payload. Right now my code
all works on the basis that the payload is the HTTP payload. But I am more
than happy to move to a model where the payload is the message payload.

This has other advantages we could make use of later on. For example, we
could add encryption without problems. Or we could make it a general
metadata prefix for content. Or we could add in slots for content metadata
that tends to get conflated with SMTP or HTTP headers making signature and
encryption harder than needed.


If we try to wrap a JSON object then we are committed to the payload being
JSON and we have two areas of ambiguity in the signature scope, the start
and the end.

Prefixing a signed object with a JSON blob and CRLF is rather simpler.

v2.23.0 | Report a Bug | By Email