IETF Logo Mail Archive

Re: [Trans] Directory instead of .well-known for URL structure

Andrew Ayer <agwa@andrewayer.name> Mon, 01 July 2019 19:37 UTC

Return-Path: <agwa@andrewayer.name>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C077E120177 for <trans@ietfa.amsl.com>; Mon, 1 Jul 2019 12:37:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=andrewayer.name
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mRNL6Ifey4lR for <trans@ietfa.amsl.com>; Mon, 1 Jul 2019 12:37:04 -0700 (PDT)
Received: from thomson.beanwood.com (thomson.beanwood.com [IPv6:2600:1f16:719:be00:5c48:f083:d884:d130]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4AC9D120170 for <trans@ietf.org>; Mon, 1 Jul 2019 12:37:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=andrewayer.name; s=beanwood20160511; t=1562009823; bh=Sy5sjN6+FYQWc9bM4kvIWp10T4wifu2IDYAlCqxnI8U=; h=Date:From:To:Subject:In-Reply-To:References; b=n/2Mqjm3H8NJAFb/SPwey/XrbISZbfxCqXc9YWlYP4kbhqZxI2gLQ96VDZdLENkoN bncQ9k8SLrsFGi0pGNkbENIB8MFlE9MPsmJxGPDNp0L0nAQWL5Zardnj2Nxvf/80Nr aWKXxllclweV3N/WVk2w3CCAg3TK8+lfQgbCfkNleepkVjgSId9ObNRvjBOw1MZn8x RjVLH8ivu1h6icH19D5Y4jXqNVNzdBhQ+OFjPyrfy7WWbLPNIYeNyjIs8+bi7jw9co bH/jwjLxJ5W6WGKTXeiyT38KmFGDElENVmau5bHii/DF85KXUHYHhKsV6x9EZnbmSg CTt6P6yMPncfA==
Date: Mon, 01 Jul 2019 12:37:01 -0700
From: Andrew Ayer <agwa@andrewayer.name>
To: "trans@ietf.org" <trans@ietf.org>
Message-Id: <20190701123701.b3ba6b44ef85a74da6209e64@andrewayer.name>
In-Reply-To: <0d5e05fc-8f1e-54b5-536d-231153e7baf7@eff.org>
References: <0d5e05fc-8f1e-54b5-536d-231153e7baf7@eff.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/gT-u9LXaiz7CiOp-_731SV0xdxQ>
Subject: Re: [Trans] Directory instead of .well-known for URL structure
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 01 Jul 2019 19:37:06 -0000

I also think .well-known URLs are a bad idea, for the same reasons
as Jacob.

I think directories are even worse.  Although they've been used
successfully in ACME, CT has different needs which make directories
unsuitable.  ACME's usage pattern is to make a series of related
requests over a short time period to drive a certificate request to
issuance, with the client maintaining state between each request.
This makes it natural for a client to fetch the directory once at the
beginning of an issuance "session" and use it for the duration, since
the cost of fetching the directory is amortized over all the requests,
and the directory is unlikely to become invalid during the session.

However, CT's usage pattern is to make a lot of unrelated one-off
requests spread over a long period of time - e.g. submitting a
(pre)certificate, fetching an inclusion proof, fetching the latest STH
to send to auditors. Clients would have to either fetch a new directory
for every request (doubling the number of requests made to the log) or
cache directories in long-term state (which requires dealing with
cached directories going stale, and requires keeping long-term state
which might not otherwise be necessary).

ACME's use of directories is underspecified since it doesn't say how
long a directory remains valid.  It's not a big deal for ACME because
ACME servers are presumed to be sane, or people would switch to another
CA. However, CT is meant to be an adversarial protocol and has to
anticipate logs doing crazy things like constantly changing their
directory in an effort to stymie auditing and hide misbehavior.

Thus, CT's use of directories would need to be quite well specified.
It is not a change that should be rushed at the last minute without a
chance for people to carefully examine and poke holes in it.

CT clients already need to be configured with a number of parameters
for each log - MMD, hash algorithm, public key, log ID, and so on.
Adding a directory would bifurcate log metadata between the existing
parameter set and the new directory object.

I propose satisfying BCP 190 by simply specifying the URL for each
endpoint as a separate log parameter.  This is a very minimal change to
the protocol and avoids the problems above.

Regards,
Andrew

v2.23.0 | Report a Bug | By Email