IETF Logo Mail Archive

Re: [Trans] Directory instead of .well-known for URL structure

Eran Messeri <eranm@google.com> Wed, 03 July 2019 16:04 UTC

Return-Path: <eranm@google.com>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CA3012068B for <trans@ietfa.amsl.com>; Wed, 3 Jul 2019 09:04:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.499
X-Spam-Level:
X-Spam-Status: No, score=-17.499 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5QpEE8X3TKif for <trans@ietfa.amsl.com>; Wed, 3 Jul 2019 09:04:32 -0700 (PDT)
Received: from mail-qt1-x831.google.com (mail-qt1-x831.google.com [IPv6:2607:f8b0:4864:20::831]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A318212064F for <trans@ietf.org>; Wed, 3 Jul 2019 09:04:32 -0700 (PDT)
Received: by mail-qt1-x831.google.com with SMTP id a15so4083021qtn.7 for <trans@ietf.org>; Wed, 03 Jul 2019 09:04:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=BCWWq3EIcTy1UhYIEo5bkSyn4HvBTqSw+pj0VmIAvPY=; b=n73zkZnlLO1lSNrRBhfdlPWkhlXFsSBvVGc8iVLWeIYwsA61n4PlV9ieyA7qTWofWA mdidfHD7UomzH7jCbazhalxHT8T9ecMTdldMX6dwFl1Sxnl6CI+acFMgBnYVNvS6jF1y dfMgV17lhWssq3WI3Y/RD3PoPfXEycxA7aoTXDRfqfkmLvMwBInjf6fj9OMhwi6np+zD zwMD0N/AejvqBoKtmR1P+s9SMldtlPuv4RvI6o1o/WthJN2L52oUFhE5IBuzUo13tA4J 1EyzywQyCsgR32yGSzeUluTYjXbNMr8lYML8Ytq6AbrTrSgbm7zVKx+rEb79dL1fv9Ab MJ6w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=BCWWq3EIcTy1UhYIEo5bkSyn4HvBTqSw+pj0VmIAvPY=; b=TOsiV+2F2wC88ZJAOldrxKEmLe0KoTTjw5NaTmfahoTbNIHLHNE/CKmYc36eVLHjWf hBUlzBrnVnUjywPPCIK3ib9EwelP3kLFJ8geH5RnEurSYrfnly+vnNMTMsn+SXkFJ9pN TA3Je3hVY+dfYuyNLpvQBK+/+LsNerJOTZdES0EzOVQDQXAFzpQzPKpGHevVDslDnEVL UzrUkOJk3E2ytGB/HkcLRJUBFVEWR6cScnoN2lmqfWO9A6GiX72gzLvC5hi3QFzD3Dvk vQNhzVIEi6sRk4v+y268CZLbwmxmNUT/0d7B4BG7WFY03vcaudMpyYkfBeUrpEbV/EiM o0Mg==
X-Gm-Message-State: APjAAAXHZ28eeWgmkXIrEliR5+1DqlW59TIudqnmZbLqqKY/tEIUUb4V +5vbgllJw80u2fXTyNQLaH01l1G+HLddQqo93umQ+A==
X-Google-Smtp-Source: APXvYqyeHISkfNkqD4vr6nUOsL+eNKP7DdVKw+sQf7XpAJud1fPRl8/gFLoWhurMgTMfDSbwsZ+7E4q+cn76Dy/j/Dc=
X-Received: by 2002:a25:738a:: with SMTP id o132mr8609651ybc.139.1562169871182; Wed, 03 Jul 2019 09:04:31 -0700 (PDT)
MIME-Version: 1.0
References: <0d5e05fc-8f1e-54b5-536d-231153e7baf7@eff.org> <20190701123701.b3ba6b44ef85a74da6209e64@andrewayer.name> <2cbff182-7c7a-4c55-b2d2-a67f41dd7436@sectigo.com> <CAPbZxJTvk805WtR6FF8xUR0GS=E9gcEMphJR658GuTN8V0h_qg@mail.gmail.com> <047d5a04-4176-6651-b200-6ce7ce8a8266@sectigo.com>
In-Reply-To: <047d5a04-4176-6651-b200-6ce7ce8a8266@sectigo.com>
From: Eran Messeri <eranm@google.com>
Date: Wed, 03 Jul 2019 17:04:04 +0100
Message-ID: <CALzYgEc_aE+pcB-Y59VsG-s9PHyEW=94vUQdWZ7o-PvOra9PmQ@mail.gmail.com>
To: Rob Stradling <rob@sectigo.com>
Cc: Rob Percival <robpercival@google.com>, "trans@ietf.org" <trans@ietf.org>, Andrew Ayer <agwa@andrewayer.name>
Content-Type: multipart/alternative; boundary="00000000000040bf42058cc904d1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/CisWQc2Sxn9Yig9wguommSIMg9s>
Subject: Re: [Trans] Directory instead of .well-known for URL structure
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 03 Jul 2019 16:04:41 -0000

I support Andrew Ayer and Rob Stradling's suggestion to " require each
endpoint to be specified as a log parameter."

The reasons outlined make a lot of sense from an implementation
perspective, our experience with RFC6962 suggest that absent caching
mechanisms, logs would face significant load if all clients were to audit
them. Adding a requirement to fetch a directory would increase the load for
(as far as I can tell) no good reason.

I think under-specifying it right now is the only option as we have no
specification of the log metadata. I don't think it's too big of a deal as
when people start implementing 6962-bis I expect the log metadata format
will evolve based on the existing schemas and, if necessary, could be
standardized.


On Wed, Jul 3, 2019 at 2:52 PM Rob Stradling <rob@sectigo.com> wrote:

> Thanks Rob.  Both the to-be-deprecated and new schemas are of course
> focused on CT v1 (RFC6962), so ISTM that neither of them are suitable
> candidates for 6962-bis to point at.
>
> Maybe we should simply remove the "[JSON.Metadata] is an example of a
> metadata format which includes the above elements" sentence from 6962-bis.
>
> On 02/07/2019 18:51, Rob Percival wrote:
> > FYI: That JSON schema is planned for deprecation; a new version was
> > proposed last year and, following a period for feedback, parties have
> > been slowly migrating to the new schema:
> >
> https://groups.google.com/a/chromium.org/d/topic/ct-policy/26dmpWdaSHM/discussion
> >
> > That thread would be a good place to propose schema changes.
> >
> > On Tue, 2 Jul 2019, 16:08 Rob Stradling, <rob@sectigo.com
> > <mailto:rob@sectigo.com>> wrote:
> >
> >     Andrew, thanks for your analysis.  Comments inline...
> >
> >     On 01/07/2019 20:37, Andrew Ayer wrote:
> >      > I also think .well-known URLs are a bad idea, for the same reasons
> >      > as Jacob.
> >      >
> >      > I think directories are even worse.  Although they've been used
> >      > successfully in ACME, CT has different needs which make
> directories
> >      > unsuitable.  ACME's usage pattern is to make a series of related
> >      > requests over a short time period to drive a certificate request
> to
> >      > issuance, with the client maintaining state between each request.
> >      > This makes it natural for a client to fetch the directory once at
> the
> >      > beginning of an issuance "session" and use it for the duration,
> since
> >      > the cost of fetching the directory is amortized over all the
> >     requests,
> >      > and the directory is unlikely to become invalid during the
> session.
> >      >
> >      > However, CT's usage pattern is to make a lot of unrelated one-off
> >      > requests spread over a long period of time - e.g. submitting a
> >      > (pre)certificate, fetching an inclusion proof, fetching the
> >     latest STH
> >      > to send to auditors. Clients would have to either fetch a new
> >     directory
> >      > for every request (doubling the number of requests made to the
> >     log) or
> >      > cache directories in long-term state (which requires dealing with
> >      > cached directories going stale, and requires keeping long-term
> state
> >      > which might not otherwise be necessary).
> >      >
> >      > ACME's use of directories is underspecified since it doesn't say
> how
> >      > long a directory remains valid.  It's not a big deal for ACME
> because
> >      > ACME servers are presumed to be sane, or people would switch to
> >     another
> >      > CA.
> >
> >     It's not been a big deal for ACME...yet.  But why leave it to chance?
> >
> >     I just filed this erratum against RFC8555:
> >     https://www.rfc-editor.org/errata/eid5771
> >
> >      > However, CT is meant to be an adversarial protocol and has to
> >      > anticipate logs doing crazy things like constantly changing their
> >      > directory in an effort to stymie auditing and hide misbehavior.
> >      >
> >      > Thus, CT's use of directories would need to be quite well
> specified.
> >      > It is not a change that should be rushed at the last minute
> without a
> >      > chance for people to carefully examine and poke holes in it.
> >
> >     Agreed.
> >
> >      > CT clients already need to be configured with a number of
> parameters
> >      > for each log - MMD, hash algorithm, public key, log ID, and so on.
> >      > Adding a directory would bifurcate log metadata between the
> existing
> >      > parameter set and the new directory object.
> >      >
> >      > I propose satisfying BCP 190 by simply specifying the URL for each
> >      > endpoint as a separate log parameter.  This is a very minimal
> >     change to
> >      > the protocol and avoids the problems above.
> >
> >     I agree that it would make sense to require each endpoint to be
> >     specified as a log parameter.  Your point about bifurcation is well
> >     made.
> >
> >     So then I think the question is: Should 6962-bis specify a
> "directory"
> >     endpoint that returns a JSON structure that contains all of the log's
> >     parameters (including each of the endpoint URLs)?  Or should 6962-bis
> >     not mandate any particular format by which log operators should
> >     distribute this information?
> >
> >     Currently, 6962-bis doesn't mandate a format, but it does point to an
> >     example format:
> >         "[JSON.Metadata] is an example of a metadata format which
> >     includes the
> >          above elements."
> >
> >     Sadly, this claim is not currently true, because [JSON.Metadata]
> >     (https://www.gstatic.com/ct/log_list/log_list_schema.json) does not
> >     currently "include the above elements".  We should fix this somehow.
> >     But how?
> >
> >     Also, how often is a CT client expected to refresh log metadata it
> has
> >     obtained from (for example) [JSON.Metadata] ?
> >     Is it wise to underspecify this?
> >
> >      > Regards,
> >      > Andrew
> >
> >     --
> >     Rob Stradling
> >     Senior Research & Development Scientist
> >     Sectigo Limited
> >
> >     _______________________________________________
> >     Trans mailing list
> >     Trans@ietf.org <mailto:Trans@ietf.org>
> >     https://www.ietf.org/mailman/listinfo/trans
> >
>
> --
> Rob Stradling
> Senior Research & Development Scientist
> Email: rob@sectigo.com
> Bradford, UK
> Office: +441274024707
> Sectigo Limited
>
> This message and any files associated with it may contain legally
> privileged, confidential, or proprietary information. If you are not the
> intended recipient, you are not permitted to use, copy, or forward it,
> in whole or in part without the express consent of the sender. Please
> notify the sender by reply email, disregard the foregoing messages, and
> delete it immediately.
> _______________________________________________
> Trans mailing list
> Trans@ietf.org
> https://www.ietf.org/mailman/listinfo/trans
>

v2.23.0 | Report a Bug | By Email