Re: [lamps] Revocation Request Format?

Phillip Hallam-Baker <> Sun, 04 March 2018 03:24 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 3D66F12426E for <>; Sat, 3 Mar 2018 19:24:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.399
X-Spam-Status: No, score=-1.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.25, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.25, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 7roVBy0v8FTx for <>; Sat, 3 Mar 2018 19:24:12 -0800 (PST)
Received: from ( [IPv6:2607:f8b0:4003:c0f::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 6EB9D1200C1 for <>; Sat, 3 Mar 2018 19:24:12 -0800 (PST)
Received: by with SMTP id g97so12110708otg.13 for <>; Sat, 03 Mar 2018 19:24:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=oIg4iIRtByYJlWR0Znvyp8/yCRVpFR6MNt8igNCW0kc=; b=ghWPEge+pCXSVDxB0IiK4Ca+y3AcbUmrfN1oVBz/CleGFbKsR9KrY/LdT8OsXNRDyP DmBL5vL2BNOQsvy6+PRi81OwVigCKya6TjoNuPZRI8POQSQ2tcB2IihaE/Ym3ueuradp lYRBfr0BB+ZfGSdL/e572rcvaVApWYUX+7kkeW2g8CBPQTUK4XkqR/kzZB0tK0TwQw/p lMDpHXSMxmUEpjrNuLBH1SnR9A2wga9v8jtaG4PJDRsYYDedUlr3jTeXiAPR2TzB8n94 H2vuVeuFSrwNbLFwMq1FesKpJlgXmXGFHJgJ0nAFow+jeQrs26Ha42fz/0DJDCFJdlm0 gEcQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=oIg4iIRtByYJlWR0Znvyp8/yCRVpFR6MNt8igNCW0kc=; b=KhnEscoknhNNTJB5o+2GSb27pZGDZ6JpdHR58LLY1Kwd41VupbHrnUuq1slM6qSh76 nwAueSk7q68439Lr5PQ4+I2P7gPJyuXXITf54XKcmV+H4HUAA6dSY14rB6mMPzu8JiO+ FJVHlXWwbSkDNyn9YFHfpoAUx5YUHuEc4MrTXYe/AvHhcsAPNwmkYbILz/1CLqqDNZQP pFcB9xj5lSbJAz9718i8oRhfnJQHMd8qpUH8lkaB9KsL9sUoeFBtjC9jUnzEDBUn/zWN j51OPqQkeBjwFwkHoYzSmJNEUexdthC/njGDu7WpteQXg22CONjzGRRBGuZ4+xc1CTm4 MIMQ==
X-Gm-Message-State: AElRT7GwZPYkh8Ix8tjRbAbszMhKlHyfDZ04WBI8j1K7ao4VfRwqsFKR NRoqLTaiAo5QEhvt6S9Rsj2YnNBKPlcIHHqqEIQ=
X-Google-Smtp-Source: AG47ELsc+eRKM/xPt65o+EDzLXstlsc50zO+8lUPyT90/ZEUIGareUheIcJe2vMiTFxnljZLAuWvtcwUfdhi1Z/eC2k=
X-Received: by with SMTP id p12mr7143785ote.167.1520133851702; Sat, 03 Mar 2018 19:24:11 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Sat, 3 Mar 2018 19:24:10 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <>
From: Phillip Hallam-Baker <>
Date: Sat, 3 Mar 2018 22:24:10 -0500
X-Google-Sender-Auth: ezJErSToTCzOgN_bYVx5QUQdISA
Message-ID: <>
To: Ryan Sleevi <>
Cc: Peter Bowen <>, SPASM <>, Stephen Farrell <>
Content-Type: multipart/alternative; boundary="94eb2c1c1ce23dec0305668dbef1"
Archived-At: <>
Subject: Re: [lamps] Revocation Request Format?
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 04 Mar 2018 03:24:14 -0000

On Sat, Mar 3, 2018 at 1:34 PM, Ryan Sleevi <> wrote:

> On Sat, Mar 3, 2018 at 12:07 PM Phillip Hallam-Baker <
>> wrote:
>> On Sat, Mar 3, 2018 at 1:29 AM, Stephen Farrell <
>>> wrote:
>>> On 02/03/18 22:33, Ryan Sleevi wrote:
>>> > That's why I think an effort to standardize there is bad, not good,
>>> because
>>> > it counterintuitively fragments the ecosystem, without addressing the
>>> > general issue, which is in my view is moreso a matter of policy,
>>> because of
>>> > the inherent constraints of 2).
>>> FWIW, I don't agree with your conclusion that *any* standardisation
>>> of revocation signals would be counter-productive, but I also don't
>>> think we ought do any such standardisation unless there are a bunch
>>> of CAs and writers of private key handling s/w who do in fact want
>>> to use the same new format for revocation signalling. I don't see a
>>> whole bunch of CAs and others wanting that right now.
>>> So in the short term, I think we agree as to what to (not) do:-)
>> ​At this point, the incident that motivated this proposal happened 4 days
>> ago. So it would probably be a mistake to bang out a draft and promote it
>> to RFC.​
>> ​What I was most interested to know is if we had done the work already
>> and the answer appears to be not in PKIX​ but possibly in ACME. It might
>> just be that all we need to do is to add a few paragraphs to ACME and maybe
>> get an IANA content type for whatever the standalone message blob is.
>> I do think we will need to standardize because we are almost certain to
>> want to pop these blobs in our CT logs at some point and it is in any case
>> the right thing to do. One code path is always better than five code paths
>> offering the same functionality.
> It might be good to start with a Use Cases document first, to figure out
> who the participants/constituents would be. This would align with Stephen’s
> remark re: what writers of private key handling s/w should use. Considering
> such solutions naturally preclude solving (some of) the “compromise”
> scenarios that must be dealt with today, the merits of those use cases
> could be independently evaluated before trying to shape such work.
> I view the transparency aspect as similarly orthogonal - such transparency
> is more beneficial for demonstrating the private key holder authorized a
> revocation. In today’s Web PKI, that is a real problem with CAs
> unilaterally revoking for specious reasons (“malware”, “customer stopped
> paying monthly fee”, “we added a new domain name to the customer account”)
> or Resellers, often misguided, requesting revocation per the terms of their
> contract with the CA without regard to whether or not the Certificate
> recipient desires it.
​The customer's credit card having been declined due to fraud or a
chargeback for fraud is actually one of the most potent signs indicating
that the certificate is likely to be used maliciously.​