IETF Logo Mail Archive

Re: [Acme] Content-Type and file extensions for HTTP01 challenges

Niklas Keller <me@kelunik.com> Thu, 19 November 2015 18:06 UTC

Return-Path: <me@kelunik.com>
X-Original-To: acme@ietfa.amsl.com
Delivered-To: acme@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6D6D31B33B9 for <acme@ietfa.amsl.com>; Thu, 19 Nov 2015 10:06:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.027
X-Spam-Level:
X-Spam-Status: No, score=-1.027 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FM_FORGED_GMAIL=0.622, HELO_EQ_DE=0.35, HTML_MESSAGE=0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M4vMDpunxhTH for <acme@ietfa.amsl.com>; Thu, 19 Nov 2015 10:06:02 -0800 (PST)
Received: from mo6-p00-ob.smtp.rzone.de (mo6-p00-ob.smtp.rzone.de [IPv6:2a01:238:20a:202:5300::6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7A7831B33B6 for <acme@ietf.org>; Thu, 19 Nov 2015 10:06:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1447956360; l=2910; s=domk; d=kelunik.com; h=Content-Type:Cc:To:Subject:Date:From:In-Reply-To:References: MIME-Version; bh=AHtt9Wkdzq2+E4JJ5JjC72mEBqN9z9uxnwaryireDT4=; b=XMblvhWnAwxnTaboTYyKBs5Pcw8y5wqbWU64bYVvENa8B34lhkuH3QPIKhkxSoQ3OuT WuW8rICKdaYQ6nhfj6NZ6ALS7e8k3BMcZ0q26bAuF/PqhQ/F9kZxiBl78Nqzj1H73kIlk ZumqOL3dYWgMFANY+Q1ZxnYvfoy0d5edFl8=
X-RZG-AUTH: :IWkkfkWkbvHsXQGmRYmUo9mls2vWuiu+7SLGvomb4bl9EfHtOnA6
X-RZG-CLASS-ID: mo00
Received: from mail-wm0-f53.google.com ([74.125.82.53]) by smtp.strato.de (RZmta 37.14 AUTH) with ESMTPSA id 903f26rAJI5xApX (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA (curve secp384r1 with 384 ECDH bits, eq. 7680 bits RSA)) (Client did not present a certificate) for <acme@ietf.org>; Thu, 19 Nov 2015 19:05:59 +0100 (CET)
Received: by wmvv187 with SMTP id v187so38386719wmv.1 for <acme@ietf.org>; Thu, 19 Nov 2015 10:05:59 -0800 (PST)
X-Received: by 10.194.171.97 with SMTP id at1mr9854262wjc.39.1447956359912; Thu, 19 Nov 2015 10:05:59 -0800 (PST)
MIME-Version: 1.0
References: <20151113004436.GB18430@eff.org> <CABkgnnU5EzaPA4o7OgnTBpSQCZxjD+QsSV=4_L2rOBeFAoauKA@mail.gmail.com> <20151113011259.GC18430@eff.org> <1F85B447-6C45-4E5A-BB10-F1AD5CB2C3F3@vigilsec.com> <CABsBmKM9t3dX0_zq-EwsTOo7HpeMF6meiw9PhBaQLbHOCpGVGg@mail.gmail.com> <CAHw9_iJwqqhMb+7+aj6Sszfi6_K9=rREEK3dbpQ6yddrmHSKsg@mail.gmail.com> <CANUQDCgDeaLtaNfeEUQ3D=7EOwjL-Q0i6Q1FKxMTVtfY9d-bow@mail.gmail.com> <20151118180011.GW18430@eff.org> <CA+9kkMARw2Y86fjFyxoJJU6GJGYmorhJZqCGdns7-CV142v_qA@mail.gmail.com> <CANUQDCizmx=22WwwyVCs55mYYWQ02mYyiGaiC19GG39F9JkViQ@mail.gmail.com> <CABkgnnV8=0TVyBU4ugM-R1-izHTx2ugNmOq+MbthQ=qw-r36Hw@mail.gmail.com> <CABsBmKNBcpD59DPNLGKBKq+TyhDxFxp1dZfDWfoDnaW3EGm+wA@mail.gmail.com> <CANUQDCi7YXpLD4DWDWq-1=O-6DYw3oOgZoea3c3sk7LGTV0Xyw@mail.gmail.com> <CABsBmKPOPWJ9nqNgRWga-NxxX_nBejQfrDsJ2Ja5ECOEk3OMPg@mail.gmail.com>
In-Reply-To: <CABsBmKPOPWJ9nqNgRWga-NxxX_nBejQfrDsJ2Ja5ECOEk3OMPg@mail.gmail.com>
From: Niklas Keller <me@kelunik.com>
Date: Thu, 19 Nov 2015 18:05:50 +0000
X-Gmail-Original-Message-ID: <CANUQDCiNB-6o9CBBTVqfJpE+hkmB2CNC2u56OGnr0ht7o+TZCQ@mail.gmail.com>
Message-ID: <CANUQDCiNB-6o9CBBTVqfJpE+hkmB2CNC2u56OGnr0ht7o+TZCQ@mail.gmail.com>
To: Bryan Livingston <bryanlivingston@gmail.com>
Content-Type: multipart/alternative; boundary="089e013c61507ba95f0524e89c1f"
Archived-At: <http://mailarchive.ietf.org/arch/msg/acme/v6hG_oamPapdf_o2me1RApAidlA>
Cc: Ted Hardie <ted.ietf@gmail.com>, Peter Eckersley <pde@eff.org>, Martin Thomson <martin.thomson@gmail.com>, IETF ACME <acme@ietf.org>, Russ Housley <housley@vigilsec.com>, Warren Kumari <warren@kumari.net>
Subject: Re: [Acme] Content-Type and file extensions for HTTP01 challenges
X-BeenThere: acme@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Automated Certificate Management Environment <acme.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/acme>, <mailto:acme-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/acme/>
List-Post: <mailto:acme@ietf.org>
List-Help: <mailto:acme-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/acme>, <mailto:acme-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 19 Nov 2015 18:06:04 -0000

I'd prefer that currently, way better than having a lot of different specs
with only minimal differences.

Bryan Livingston <bryanlivingston@gmail.com> schrieb am Do., 19. Nov. 2015
18:56:

> We could have the ACME server look for both a .txt and extensenless
> answer, if we'd rather not create an http-02 type at this time.
>
> On Wed, Nov 18, 2015 at 1:19 PM, Niklas Keller <me@kelunik.com> wrote:
>
>> 2015-11-18 21:05 GMT+01:00 Bryan Livingston <bryanlivingston@gmail.com>:
>>
>>> I was thinking that the Authorize Challenge token generated by the
>>> server could have a .txt appended to it. Would the clients just work in
>>> that case, and maybe not need to create a new challenge type?
>>>
>>
>> No, that's not compatible, because the token is base64url encoded, that
>> doesn't include dots.
>>
>> Regards, Niklas
>>
>
>

v2.23.0 | Report a Bug | By Email