On Fri, Aug 31, 2018 at 12:32:08PM -0400, Richard Barnes wrote:
> I've started a PR for your DISCUSS comments here:
>
> https://github.com/ietf-wg-acme/acme/pull/447
>
> Right now, there are the following major edits there:
>
> - Added some text to the Security Considerations that clarifies that the
> only protection we provide against an ACME MitM is that we prevent it from
> getting improper authorization. We don't prevent it from doing downgrade
> attacks or DoS.
>
> - Added an explicit statement that there are no restrictions on the use of
> 0-RTT
>
> - Clarified what contents are expected in the "challenges" array
>
> Some more comments inline below. Comments addressed by PR / overcome by
> events trimmed.
>
>
> On Thu, Aug 30, 2018 at 8:06 PM Benjamin Kaduk <ka...@mit.edu> wrote:
>
> > > > Section 7.1.1 discusses how the server can include a caaIdentities
> > element
> > > > in its directory metadata; does this (or anything else) need to be
> > > > integrity protected by anything stronger than the Web PKI cert
> > > > authenticating the HTTPS connection? It seems that a bogus
> > caaIdentities
> > > > value could lead to an unfortunate DoS in some cases.
> > > >
> > >
> > > I don't know what you would consider stronger than a WebPKI cert. You
> > > could use a secondary key that isn't provided to the CDN and do JWS in
> > the
> > > server-to-client direction. But that would require clients to configure
> > a
> > > public key as well as a URL, and you would have to figure out whether you
> > > wanted caching or anti-replay and build the corresponding addenda to JWS.
> > > All in all, a lot of complexity for marginal benefit, especially this
> > late
> > > in the game.
> >
> > Yeah, it's clearly a lot of complexity for marginal benefit (since the DoS
> > would likely be easy to notice and recover from) and late in the game.
> > Though the CA does already have a key that the client trusts...
> >
>
> I guess it's true that the CA could present a key certified by its trusted
> root, say in the directory object. But that just turns the complexity knob
> even higher :)
Yup. And having the trusted root directly sign a statement of CAA
identifiers is probably right out for many reasons, including X.509
constraints and it being a bad idea operationally to pull out your offline
key to do something this mundane.
>
>
> > Do you want to mention that the caaIdentities element gives a leaf cert
> > some control over the trust anchors that are used, in the security
> > considerations? (This is a serious question; I am leaning towards it being
> > worth doing, but it would not be very hard to convince me otherwise.)
> >
>
> I'm not sure what you mean by "caaIdentities element gives a leaf cert some
> control over the trust anchors that are used". Who is controlling whose
> use of trust anchors, and how?
The scenario I had in mind, which may be completely bogus, was that you
have a CDN/whatever in front of the ACME server; that CDN's EE cert could
in principle be signed by a different CA hierarchy than the ACME server is
doing issuance for. So you have a TLS cert from CA XYZ that is the
authentication on a statement "use CAA value <foo> for CA ABC". If the ACME
client and its friends then go off and installs <foo> as their CAA record
with a large TTL, when the client goes to ask for a cert, ABC goes and
checks the CAA record and says "nothing doing". If ABC caches for the full
TTL, the client might have to find a different CA (perhaps one that does
not use an actively harmful CDN to front its operations, heh). This seems
to only differ from the case of a CDN just dropping traffic on the floor or
the other DoS vectors available to it, by virtue of the long TTL on the CAA
record -- even after ABC decides that this CDN is evil and switches, that
bogus CAA record is still valid. Maybe it's better to say that the CDN's
EE cert is controlling which trust anchor is *not* used [for issuing
certificates for the client's domain] than to say it controls which trust
anchor is used.
-Benjamin
>
>
>
>
> On Thu, Aug 30, 2018 at 8:06 PM Benjamin Kaduk <ka...@mit.edu> wrote:
>
> > On Wed, Aug 29, 2018 at 09:10:06PM -0400, Richard Barnes wrote:
> > > Hi Ben,
> > >
> > > Thanks for the detailed review. Responses to the DISCUSS comments
> > inline.
> > > My co-author Daniel McCarney is working on the COMMENT comments.
> > >
> > > --Richard
> > >
> > > On Wed, Aug 29, 2018 at 2:53 PM Benjamin Kaduk <ka...@mit.edu> wrote:
> > >
> > > >
> > > > It looks like the server returns an unauthenticated
> > "badSignatureAlgorithm"
> > > > error when the client sends a JWS using an unsupported signature
> > algorithm
> > > > (Section 6.2). What prevents an active attacker from performing a
> > > > downgrade attack on the signature algorithm used?
> > > >
> > >
> > > HTTPS, and the minimum requirements established in this document. We can
> > > add some comments to the Security Considerations if you want.
> >
> > It's probably worth some security considerations text.
> > (BTW, I was more picky than usual for this doc, since apparently TLS MitM
> > capabilities are explicitly in the threat model via the
> > "CDN-in-front-of-ACME-server" case. So in some sense that is implying that
> > the web PKI is not quite good enough for that channel.)
> >
> > >
> > >
> > > > Similarly, since we include in the threat model a potentially hostile
> > > > CDN/MitM between the ACME client and ACME server, can that attacker
> > strip a
> > > > success response and replace it with a badNonce error, causing the
> > client
> > > > to retry (and thus duplicate the request processing on the server)?
> > > >
> > >
> > > In the spectrum of DoS attacks the CDN could wage against the server,
> > this
> > > seems pretty lame. The CDN could also just stop forwarding requests.
> > >
> > > In other words, I don't really think the
> >
> > (incomplete sentence)
> > But yes, I was thinking about this some more after I balloted and it did
> > end up seeming likely innocuous by comparison. It's still good to have
> > people more familiar with the document than me think about the
> > possibilities, though -- it seems like most things the client would be
> > trying to do are relatively idempotent (that is, new challenge tokens and
> > such could be generated, but that's easy to recover from unless the CDN is
> > blocking lots of stuff, in which case nothing works anyway), but maybe I
> > missed something.
> >
> > >
> > > > I am not an ART AD, but there is not yet an internationalization
> > > > directorate, and seeing statements like "inputs for digest computations
> > > > MUST be encoded using the UTF-8 character set" (Section 5) without
> > > > additional discussion of normalization and/or what the canonical form
> > for
> > > > the digest input is makes me nervous. Has sufficient
> > internationalization
> > > > review been performed to ensure that there are no latent issues in this
> > > > space?
> > > >
> > >
> > > Two of the three ART ADs have already signed off, so we have that going
> > for
> > > us :)
> > >
> > > The only place we have human-readable text is in the problem documents,
> > so
> > > at that level, the i18n considerations are handled by that spec. Other
> > > than that, everything is ASCII, so saying "UTF-8" is just a fancy way of
> > > saying, "don't send extra zero bytes".
> >
> > [this thread forked]
> >
> > >
> > >
> > > > Section 6.1 has text discussing TLS 1.3's 0-RTT mode. If this text is
> > > > intended to be a profile that defines/allows the use of TLS 1.3 0-RTT
> > data
> > > > for the ACME protocol, I think you need to be more specific and say
> > > > something like "MAY allow clients to send early data (0-RTT); there
> > are no
> > > > ACME-specific restrictions on which types of requests are permitted in
> > > > 0-RTT", since the runtime configuration is just 0-RTT yes/no, and the
> > > > protocol spec is in charge of saying which PDUs are allowed or not.
> > > >
> > >
> > > The risk for HTTPS with 0-RTT is replay of requests. The text already
> > > notes that that is not an issue for ACME requests because they have their
> > > own anti-replay protection. There are no restrictions on which PDUs are
> > > allowed. What further specificity do you need?
> >
> > I would like it to be explicitly stated that there are no restrictions on
> > which PDUs are allowed.
> >
> > If it helps, I'm trying to make a distinction between "you can negotiate
> > 0-RTT in the TLS handshake" and "this is what you can put in early data";
> > in my mind, an application profile should explicitly cover the latter.
> >
> > >
> > >
> > > > Section 6.2 notes that servers MUST NOT respond to GET requests for
> > > > sensitvie resources. Why are account resources the only sensitive
> > ones?
> > > > Are authorizations not sensitive? Or are those considered to fall
> > under
> > > > the umbrella of "account resources" (Section 7.1 seems pretty clear
> > that
> > > > they do not)?
> > > >
> > >
> > > That sentence has an overly prescriptive tone. Obviously it's up to the
> > > CA's policy what it considers sensitive. (Some especially profligate CA
> > > that's not subject to GDPR might be OK publishing its account objects.)
> > > Happy to dial it back to something like "For example, most CAs will
> > likely
> > > consider account resources to be sensitive."
> >
> > I think this is basically going to be subsumed/rendered OBE by Adam's
> > DISCUSS; please let me know if you think there is more to talk about here.
> >
> > >
> > >
> > > > Section 7.1.1 discusses how the server can include a caaIdentities
> > element
> > > > in its directory metadata; does this (or anything else) need to be
> > > > integrity protected by anything stronger than the Web PKI cert
> > > > authenticating the HTTPS connection? It seems that a bogus
> > caaIdentities
> > > > value could lead to an unfortunate DoS in some cases.
> > > >
> > >
> > > I don't know what you would consider stronger than a WebPKI cert. You
> > > could use a secondary key that isn't provided to the CDN and do JWS in
> > the
> > > server-to-client direction. But that would require clients to configure
> > a
> > > public key as well as a URL, and you would have to figure out whether you
> > > wanted caching or anti-replay and build the corresponding addenda to JWS.
> > > All in all, a lot of complexity for marginal benefit, especially this
> > late
> > > in the game.
> >
> > Yeah, it's clearly a lot of complexity for marginal benefit (since the DoS
> > would likely be easy to notice and recover from) and late in the game.
> > Though the CA does already have a key that the client trusts...
> > Do you want to mention that the caaIdentities element gives a leaf cert
> > some control over the trust anchors that are used, in the security
> > considerations? (This is a serious question; I am leaning towards it being
> > worth doing, but it would not be very hard to convince me otherwise.)
> >
> > >
> > >
> > > > I am also a bit uncertain if the document is internally consistent
> > about
> > > > whether one challenge verification suffices or there can be cases when
> > > > multiple challenge verifications are required for a successful
> > > > authorization. I attmpted to note relevant snippets of the text in my
> > > > comments on Section 7.1.4.
> > > >
> > >
> > > The document is clear that (1) any one challenge is sufficient for a
> > given
> > > authorization ("the server should consider any one of the challenges
> > > sufficient to make the authorization valid") and (2) the server may
> > provide
> > > multiple authorizations in the order object if it requires multiple
> > > different validations.
> >
> > I think I'm still confused. How could we end up with a case where a single
> > authorization object in the "valid" state includes more than one challenge?
> > (Looking at my notes, maybe this is just an editorial matter where a stray
> > 's' slipped into one instance of "challenges", so we want "challenge that
> > was used" vs. "challenges that were used"?)
> >
> > Thanks for the discussion!
> >
> > -Benjamin
> >
_______________________________________________
Acme mailing list
Acme@ietf.org
https://www.ietf.org/mailman/listinfo/acme
