Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf-acme-email-smime-10: (with DISCUSS and COMMENT)
Alexey Melnikov <alexey.melnikov@isode.com> Tue, 17 November 2020 12:49 UTC
Return-Path: <alexey.melnikov@isode.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE5353A129D; Tue, 17 Nov 2020 04:49:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.1
X-Spam-Level:
X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=isode.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JNOj87SdZ8n6; Tue, 17 Nov 2020 04:49:54 -0800 (PST)
Received: from waldorf.isode.com (waldorf.isode.com [62.232.206.188]) by ietfa.amsl.com (Postfix) with ESMTP id 324B43A12A2; Tue, 17 Nov 2020 04:49:54 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1605617393; d=isode.com; s=june2016; i=@isode.com; bh=y8+ZLltdJMAl7H0UIWFOtP/qwToZwOvdAnmgWxTgcjE=; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:Cc:MIME-Version: In-Reply-To:References:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description; b=iIY3DuhVinEALlGkksVEdRjFS8fdS/RfhjRHktNlqOlbKEfbZ/RWAyc+JqPYM4FiFsnw6F WGRF0leRSdzoLrUHYRScUD6azF1kqI/D8DQIkOYioWM+tCVRiCGlE1s5wdwqTG3lpAG/en 4NK/2eBqnj+l2RGb4jtrBM6vWT2S2bk=;
Received: from [192.168.0.5] ((unknown) [176.252.130.164]) by waldorf.isode.com (submission channel) via TCP with ESMTPSA id <X7PG8AA314Mt@waldorf.isode.com>; Tue, 17 Nov 2020 12:49:52 +0000
X-SMTP-Protocol-Errors: NORDNS
To: Benjamin Kaduk <kaduk@mit.edu>
Cc: rsalz@akamai.com, acme@ietf.org, The IESG <iesg@ietf.org>, acme-chairs@ietf.org
References: <160456339844.32027.10383263330343255957@ietfa.amsl.com> <c72efad4-76b8-e323-56f8-3735d76a1d9c@isode.com> <20201112235623.GP39170@kduck.mit.edu>
From: Alexey Melnikov <alexey.melnikov@isode.com>
Message-ID: <3b1806ac-fe6c-d5c0-3218-aea0f65f7e77@isode.com>
Date: Tue, 17 Nov 2020 12:49:52 +0000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.4.3
In-Reply-To: <20201112235623.GP39170@kduck.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-GB
Content-transfer-encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/qrQCa1mW2Jd9mruBgrOYthlJg1I>
Subject: Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf-acme-email-smime-10: (with DISCUSS and COMMENT)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Nov 2020 12:49:56 -0000
Hi Ben,
On 12/11/2020 23:56, Benjamin Kaduk wrote:
> Hi Alexey,
>
> On Thu, Nov 12, 2020 at 04:28:39PM +0000, Alexey Melnikov wrote:
>> Hi Ben,
>>
>> On 05/11/2020 08:03, Benjamin Kaduk via Datatracker wrote:
>>> The more straightforward point is that the procedure in section 3
>>> indicates that token-part2 is returned to the ACME client over HTTPS,
>>> but the stated procedure does not otherwise involve an ACME client in
>>> initiating the newOrder request. I think we need to clarify the
>>> interaction/relationship between end-user/email client UI/etc and the
>>> ACME client in step 1. In particular, I think that "[t]his document
>>> doesn't prescribe how exactly S/MIME certificate issuance is initiated"
>>> seems incompatible with requiring there to be an ACME client involved
>>> (and the presumed newOrder ACME request, etc.) unless the "initiate"
>>> operation is supposed to be the way by which the ACME client is
>>> triggered to start the request.
>> I propose the following new description to address your above DISCUSS
>> points. This probably needs another editorial pass for readability, but
>> I think the new description is much better for implementors:
> Yes, I like it. Editorial notes inline...
>
>> The process of issing an S/MIME certificate works as follows. Note
>> that the ACME client can be a standalone application (if the MUA is
>> not ACME-email-aware) or can be a component of the MUA.
>>
>> 1. An end-user initiates issuance of an S/MIME certificate for one
>> of her email addresses. This might be done using email client
>> UI, by running a command line tool, by visiting a Certificate
>> Authority web page, etc. This document doesn't prescribe
>> specific UI used to initiate S/MIME certificate issuance.
> Maybe also add "or where the ACME client is located" or similar at the end
> of the sentence?
Yes. Good idea. I included all of your editorial suggestions in the
upcoming -12. Also see my comment below.
>> 2. The ACME-email-aware client component begins the certificate
>> issuance process by sending a POST request to the server's
>> newOrder resource, including the identifier of type "email". See
>> Section 7.4 of [RFC8555] for more details.
>>
>> 3. The ACME server responds to the POST request, including
> nit: "an"
>
>> "authorizations" URL for the requested email address. The ACME
>> client then retrieves information about the corresponding "email-
>> reply-00" challenge as specified in Section 7.5 of [RFC8555].
>> The "token" field of the corresponding "challenges" array element
>> (which contains "type": "email-reply-00" as another field)
>> contains token-part2. token-part2 should contain at least 128
>> bits of entropy.
> Per my other message, we should talk about the "url" contents as well.
Yes, I will post -12 shortly and I will address this change in -13.
>> 4. After responding to the authorization request the ACME server
>> generates another token and a "challenge" email message with the
>> subject "ACME: <token-part1>", where <token-part1> is the
>> base64url encoded [RFC4648] of the token. The ACME server MUST
> nit: missing word ("form" or "version" or something, for "encoded version
> of the token")
>
>> generate a fresh token for each S/MIME issuance request
>> (authorization request), and token-part1 MUST contain at least
>> 128 bits of entropy. The challenge email message structure is
>> described in more details in Section 3.1.
> We might also note that the "From:" line matches the "url" field of the
> challenge object.
>
>> 5. The MUA retrieves and parses the challenge email message. The
>> ACME client concatenates "token-part1" (received over email) and
>> "token-part2" (received over HTTPS [RFC2818]) to create ACME
> (We might in theory length-prefix the token parts before concatenating for
> hygiene purposes, but the way they are generated doesn't really seem to
> open any attacks.)
>
> nit: "the ACME"
>
>> "token", calculates keyAuthorization (as per Section 8.1 of
>> [RFC8555]), then returns the base64url encoded SHA-256 digest
>> [FIPS180-4] of the key authorization. The MUA returns the
>> base64url encoded SHA-256 digest obtained from the ACME client in
>> the body of a response email message. The response email message
>> structure is described in more details in Section 3.2.
>>
>> 6. Once the MUA sends the response email, the ACME client can start
>> polling the authorization URL (using POST-as-GET request) to see
> nit: "requests" plural
- [Acme] Benjamin Kaduk's Discuss on draft-ietf-acm… Benjamin Kaduk via Datatracker
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Alexey Melnikov
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Alexey Melnikov
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Alexey Melnikov
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Fraser Tweedale
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Alexey Melnikov