Re: [Acme] Trust and security in DNS challenge validation automation
Ilari Liusvaara <ilariliusvaara@welho.com> Tue, 16 January 2018 15:59 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C9E1712D837 for <acme@ietfa.amsl.com>; Tue, 16 Jan 2018 07:59:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.91
X-Spam-Level:
X-Spam-Status: No, score=-1.91 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5DSHshHCUw_E for <acme@ietfa.amsl.com>; Tue, 16 Jan 2018 07:59:29 -0800 (PST)
Received: from welho-filter1.welho.com (welho-filter1.welho.com [83.102.41.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A135912D833 for <acme@ietf.org>; Tue, 16 Jan 2018 07:59:29 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by welho-filter1.welho.com (Postfix) with ESMTP id 045E8537C6 for <acme@ietf.org>; Tue, 16 Jan 2018 17:59:27 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp3.welho.com ([IPv6:::ffff:83.102.41.86]) by localhost (welho-filter1.welho.com [::ffff:83.102.41.23]) (amavisd-new, port 10024) with ESMTP id 4fO34-rtHgfK for <acme@ietf.org>; Tue, 16 Jan 2018 17:59:26 +0200 (EET)
Received: from LK-Perkele-VII (87-92-19-27.bb.dnainternet.fi [87.92.19.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp3.welho.com (Postfix) with ESMTPSA id AB5A22308 for <acme@ietf.org>; Tue, 16 Jan 2018 17:59:25 +0200 (EET)
Date: Tue, 16 Jan 2018 17:59:25 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: acme@ietf.org
Message-ID: <20180116155925.GA27134@LK-Perkele-VII>
References: <1a6f7bfb-d6dc-bd1a-fcb5-ec78ec4497cf@eff.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <1a6f7bfb-d6dc-bd1a-fcb5-ec78ec4497cf@eff.org>
User-Agent: Mutt/1.9.2 (2017-12-15)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/r16OS6DH_1iMv26FNIudFU5GxBs>
Subject: Re: [Acme] Trust and security in DNS challenge validation automation
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Jan 2018 15:59:32 -0000
On Tue, Jan 16, 2018 at 12:12:00PM +0200, Joona Hoikkala wrote: > > While ACME tries to promote automation of the challenge validation, the > landscape of said automation looks rather grim. DNS server software and > service providers rarely provide means to limit the privileges of > credentials used to update DNS zones. > > This leads to users being forced to use and save their credentials often > equipped with inflated privileges to every machine that needs to acquire > certificates using DNS challenges, effectively meaning that when one of > such machines gets compromised so does the whole DNS zone, or multiple > zones in some cases. It should be noted that currently compromise of the automation itself is catastrophic. Even if you do not run the automation as root nor give it read access to TLS keys, which prevents trivially stealing your TLS keys. And even if you do not give it unneeded validation authority. This is because the authority of automation necressarily includes obtaining certificates for arbitrary keys, so if attacker can not extract your key, they can just substitute their own. HPKP could address attacks like this. Unfortunately, it is being deprecated, with "replacement" being Certificate Transparency. Unfortunately, CT does not help against attacks like this, because after the certificate has been issued, it is too late as revocation does not work. I earlier had idea of Public Key Pinning with CAA records. It would be much safer than HPKP (because if keys get lost, they can be rather quickly changed) and could actually help against the issue (as CAA is proactive, not reactive like CT). I should post a draft about it... -Ilari
- [Acme] Trust and security in DNS challenge valida… Joona Hoikkala
- Re: [Acme] Trust and security in DNS challenge va… Jörn Heissler
- Re: [Acme] Trust and security in DNS challenge va… Ilari Liusvaara
- Re: [Acme] Trust and security in DNS challenge va… Joona Hoikkala
- Re: [Acme] Trust and security in DNS challenge va… Sebastian Nielsen
- Re: [Acme] Trust and security in DNS challenge va… Ilari Liusvaara
- [Acme] TXT records for storing certificates in th… Jim Reid
- Re: [Acme] TXT records for storing certificates i… Sebastian Nielsen