Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf-acme-acme-14: (with DISCUSS and COMMENT)
Benjamin Kaduk <kaduk@mit.edu> Sun, 16 September 2018 15:41 UTC
Return-Path: <kaduk@mit.edu>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3A50E127B92 for <acme@ietfa.amsl.com>; Sun, 16 Sep 2018 08:41:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gW3rszxIFeM5 for <acme@ietfa.amsl.com>; Sun, 16 Sep 2018 08:41:49 -0700 (PDT)
Received: from dmz-mailsec-scanner-4.mit.edu (dmz-mailsec-scanner-4.mit.edu [18.9.25.15]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 23CD6120072 for <acme@ietf.org>; Sun, 16 Sep 2018 08:41:49 -0700 (PDT)
X-AuditID: 1209190f-5f9ff70000005842-33-5b9e79bb173a
Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-4.mit.edu (Symantec Messaging Gateway) with SMTP id E4.FD.22594.BB97E9B5; Sun, 16 Sep 2018 11:41:48 -0400 (EDT)
Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id w8GFfkCZ007723; Sun, 16 Sep 2018 11:41:46 -0400
Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w8GFfgai017195 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sun, 16 Sep 2018 11:41:45 -0400
Date: Sun, 16 Sep 2018 10:41:42 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Felix Fontein <felix=40fontein.de@dmarc.ietf.org>
Cc: acme@ietf.org
Message-ID: <20180916154142.GZ48265@kduck.kaduk.org>
References: <153556883241.14872.599302420878484743.idtracker@ietfa.amsl.com> <CAL02cgQoC1YAA1wjftoFSMBfm7Vi4KUXUQW633GZ5tM9VMMrmg@mail.gmail.com> <CAKnbcLgNrmqWp4BUz=c2-Y5NQ3FqfPe3-RqRp_ocWxv+c+jWWA@mail.gmail.com> <20180916015154.GU48265@kduck.kaduk.org> <20180916173537.1fe0d18d@rovaniemi>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20180916173537.1fe0d18d@rovaniemi>
User-Agent: Mutt/1.9.1 (2017-09-22)
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFvrGIsWRmVeSWpSXmKPExsUixCmqrbuncl60wYl1jBarngdabJqzmMmB yePEsiusHkuW/GQKYIrisklJzcksSy3St0vgylgy/zhjwWKRivl7HrA2MG4V6GLk5JAQMJFY 0/+MqYuRi0NIYDGTxP9pU9kgnI2MEmvP32WEcK4ySVz5tYMRpIVFQFWi58kDVhCbTUBFoqH7 MjOILSJgKrGoZy9YnFlAUGLPie9AcQ4OYYFUicOrKkHCvEDbVk2/zAIxczWTxMFpy5khEoIS J2c+YYHo1ZK48e8lE0gvs4C0xPJ/HCBhTgEDib83G8FKRAWUJfb2HWKfwCgwC0n3LCTdsxC6 FzAyr2KUTcmt0s1NzMwpTk3WLU5OzMtLLdI10cvNLNFLTSndxAgOUkn+HYxzGrwPMQpwMCrx 8EaEzI0WYk0sK67MPcQoycGkJMq71Wt2tBBfUn5KZUZicUZ8UWlOavEhRgkOZiUR3o/f5kQL 8aYkVlalFuXDpKQ5WJTEec/qTo4WEkhPLEnNTk0tSC2CycpwcChJ8KZWzIsWEixKTU+tSMvM KUFIM3FwggznARpuAVLDW1yQmFucmQ6RP8Woy/Hn/dRJzEIsefl5qVLivMUgRQIgRRmleXBz QMlFInt/zStGcaC3hHnPglTxABMT3KRXQEuYgJZkbAD5oLgkESEl1cBoZuFgWOIdILnrBkOZ +sU5QckLvfTY893UD1yeITO/dM9CF587LJb7qudtW1q9pSv/koTxwdYQhRnbevzzuJT1a4/5 MZrZWYaf9NmRyzztS07x6tP3ouRqQmXXLKytlvyS62Pvv7xmTZf5wun+z6vXtZSu9XRMOrsl 1y1eiT+KrUuk3rVqshJLcUaioRZzUXEiADrZcQkJAwAA
Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/tnoDgjuEuWNopahRj5r5Uk1l8Ks>
Subject: Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf-acme-acme-14: (with DISCUSS and COMMENT)
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 16 Sep 2018 15:41:51 -0000
On Sun, Sep 16, 2018 at 05:35:37PM +0200, Felix Fontein wrote: > Hi, > > > > > [...] Secondly, the entropy requirement > > > > prevents ACME clients from implementing a "naive" validation > > > > server that automatically replies to challenges without > > > > participating in the creation of the initial authorization > > > > request. > > > > > > > > IMPORTANT: I'm not sure I see how this applies to the HTTP > > > > mechanism -- couldn't you write a script to reply > > > > to .well-known/acme-challenge/<foo> with <foo>.<key thumbprint> > > > > for a fixed key thumbprint? The validation server would ned to > > > > know about the ACME account in question, but not about any > > > > individual authorization request. > > > > > > It would also need to know the <foo> value, which is not provided > > > in the validation request specifically to avoid this. > > > > As I said above, "[w]ell now I'm really confused." In the example > > HTTP challenge exchange (duplicated here): > > > > GET /.well-known/acme-challenge/LoqXcYV8q5ONbJQxbmR7SCTNo3tiAXDfowyjxAjEuX0 > > Host: example.org > > > > HTTP/1.1 200 OK > > Content-Type: application/octet-stream > > > > LoqXcYV8q5ONbJQxbmR7SCTNo3tiAXDfowyjxAjEuX0.9jg46WB3rR_AHD-EBXdN7cBkH1WOu0tA3M9fm21mqTI > > > > Doesn't the path in the GET include the <foo>? > > Yes, and some people are already using this to add a generic > authorization replier (which needs the thumbprint of the account key). > For example, the acme.sh client supports this "stateless mode" (as it > is called there): > https://github.com/Neilpang/acme.sh/wiki/Stateless-Mode Okay, that matches up with my understanding and maybe un-confuses me. But does this state of affairs nullify the text in the -14 about: [...] the entropy requirement prevents ACME clients from implementing a "naive" validation server that automatically replies to challenges without participating in the creation of the initial authorization request. ? -Benjamin > (There currently is also a discussion in the Let's Encrypt community > forum about this, see > https://community.letsencrypt.org/t/xss-via-acme-implementations/72295; > this is because some implementations do not restrict the allowed input > and thus allow XSS attacks, as described here: > https://labs.detectify.com/2018/09/04/xss-using-quirky-implementations-of-acme-http-01/) > > Cheers, > Felix > > _______________________________________________ > Acme mailing list > Acme@ietf.org > https://www.ietf.org/mailman/listinfo/acme
- [Acme] Benjamin Kaduk's Discuss on draft-ietf-acm… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Richard Barnes
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Ben Campbell
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Alexey Melnikov
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Richard Barnes
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Richard Barnes
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Daniel McCarney
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Felix Fontein
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Felix Fontein
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Daniel McCarney
- Re: [Acme] Benjamin Kaduk's Discuss on draft-ietf… Benjamin Kaduk
- [Acme] lack of nonce for external account binding… Benjamin Kaduk
- Re: [Acme] lack of nonce for external account bin… Richard Barnes
- Re: [Acme] lack of nonce for external account bin… Benjamin Kaduk
- Re: [Acme] lack of nonce for external account bin… Richard Barnes
- Re: [Acme] lack of nonce for external account bin… Salz, Rich