Re: [Acme] Just the technical comments (was: ACME draft is now in WGLC.)

Jacob Hoffman-Andrews <jsha@eff.org> Tue, 07 March 2017 01:10 UTC

To: Martin Thomson <martin.thomson@gmail.com>, Richard Barnes <rlb@ipv.sx>
References: <CABkgnnXOED3Q6F74S=gxWXL4P56zsBkBA7kqmXs-WKKu12aFdw@mail.gmail.com> <CAL02cgQu7Hnf-481xJn3U1a-=fZvaF0H6E_nim8Kr7d+RyWoJw@mail.gmail.com> <CABkgnnXXka5H2JA=QiEDcFe4EY=iUN+9i0ZPjGJUOJhS2JhcSg@mail.gmail.com>
From: Jacob Hoffman-Andrews <jsha@eff.org>
Message-ID: <a12fa590-3db1-279a-9254-1f593b6cb7aa@eff.org>
Date: Mon, 06 Mar 2017 17:10:29 -0800
In-Reply-To: <CABkgnnXXka5H2JA=QiEDcFe4EY=iUN+9i0ZPjGJUOJhS2JhcSg@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/rfEUoQWurPlSWQjZcJm3AN_8BBM>
Cc: "acme@ietf.org" <acme@ietf.org>
Subject: Re: [Acme] Just the technical comments (was: ACME draft is now in WGLC.)

On 03/06/2017 04:21 PM, Martin Thomson wrote:
> I don't mean as anything.  The question is simply whether it does or
> not.  It might make it easier to construct a valid response, though
> I'm not sure that has reads on the ability of an attacker to generate
> a valid response given the challenge structure.
No, the server is not defined to send a Referer header. I think it's not
needed.