Re: [Acme] ACME breaking change: Most GETs become POSTs

Felipe Gasper <felipe@felipegasper.com> Fri, 31 August 2018 00:45 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/acme/yiNWW17nT8NnBFIAVwn8KdfAYSc>


> On Aug 30, 2018, at 7:48 PM, Jacob Hoffman-Andrews <jsha@eff.org> wrote:
> 
> (Replying to Felipe's comment from the thread "Re: [Acme] Adam Roach's Discuss on draft-ietf-acme-acme-14: (with DISCUSS and COMMENT)")
> 
> On 08/30/2018 11:17 AM, Felipe Gasper wrote:
> > Would it work to keep certificate fetches as plain GET?
> >
> > In shared hosting environments it’s common for a privileged process to request certificates on behalf of user accounts. This avoids having 1,000s of ACME server registrations from a single server. While certificates are generally made available within seconds, theoretically the delay between request and issuance could be much longer (e.g., for OV/EV), such that it might be prudent for that privileged process to give the order ID to the user and have the user poll for the certificate, e.g., via cron.
> 
> This use case makes sense, but I think it is not critical enough to carve out an exception from the "GETs become POSTs" plan. If the ACME implementation structures certificate fetches such that they are enumerable, you would wind up again with the same sort of correlation problem Adam brought up. You could make the certificate URLs unpredictable, but then you've introduced a notion of capability URLs[1], which breaks the notion of having a single authentication system for ACME.

I suppose if I have:

GET /order/123/certificate    =>   cert for yin.com

GET /order/124/certificate    =>   cert for yang.com

… then one could surmise (however justifiably) that these two may be related, so I see the point.

> You could make the certificate URLs unpredictable, but then you've introduced a notion of capability URLs[1], which breaks the notion of having a single authentication system for ACME.

I can see that.


Thanks for your consideration!

-FG
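
The three certificate-fetch designs weighed in this thread, modelled side by side as an added example (not part of the original message and not code from any ACME implementation). The order table, account names and the HMAC tag standing in for ACME's JWS-signed request are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: two orders created back to back by one hosting
# account on behalf of two customers (URLs and domains as in the message).
ORDERS = {
    123: {"account": "hosting-provider", "cert": "cert for yin.com"},
    124: {"account": "hosting-provider", "cert": "cert for yang.com"},
}
# Hypothetical per-account MAC keys; real ACME signs requests with a JWS.
ACCOUNT_KEYS = {name: secrets.token_bytes(32)
                for name in ("hosting-provider", "other-account")}

def plain_get(order_id):
    """Design 1: unauthenticated GET on a sequential ID, readable by anyone."""
    order = ORDERS.get(order_id)
    return order["cert"] if order else None

# Design 2: capability URLs. The unguessable token is itself the credential,
# i.e. a second authentication mechanism beside the account key.
CAPABILITIES = {secrets.token_urlsafe(32): oid for oid in ORDERS}

def capability_get(token):
    order_id = CAPABILITIES.get(token)
    return ORDERS[order_id]["cert"] if order_id is not None else None

def sign(account, url):
    """Client side: tag the URL with the account key."""
    return hmac.new(ACCOUNT_KEYS[account], url.encode(), hashlib.sha256).hexdigest()

def authenticated_fetch(account, url, tag):
    """Design 3: signed fetch; the server checks the tag and order ownership."""
    key = ACCOUNT_KEYS.get(account)
    if key is None:
        return None
    expected = hmac.new(key, url.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None
    try:
        order_id = int(url.split("/")[2])   # "/order/<id>/certificate"
    except (IndexError, ValueError):
        return None
    order = ORDERS.get(order_id)
    if order is None or order["account"] != account:
        return None                          # valid signature, wrong owner
    return order["cert"]
```

Under design 3 only the holder of the account key can fetch, which is why the shared-hosting polling use case raised above needs either the privileged process to do the polling or one of the other two designs.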