On Wed, May 14, 2025 at 08:57:12AM -0700, Xiaohui Lam wrote:

> Based on my experience, instances of ACME account key compromise are
> extremely rare.

I don't know what you consider "rare", but I've cancelled hundreds[1] of Let's Encrypt accounts whose private keys were publicly disclosed. As a percentage of all LE accounts, perhaps it's not huge, but it's certainly far greater than the zero that would be needed to be able to claim that a public key is a long-term stable identifier -- and that's before we consider the need to periodically rotate keys (for whatever reason).

> I also have full confidence in Cloudflare’s robust security
> operations capability - such account key compromises are highly unlikely to
> occur internally at Cloudflare.

Since the I-D is not applicable only to Cloudflare, this argument is not particularly persuasive.

> My suggestion is to draft the document to retain both the current account
> URI-generated suffix and add an account key-generated suffix. This would
> allow delegate operators (such as Cloudflare) to implement the optimal
> approach for their customers.

I strongly disagree with this suggestion. Complexity is the enemy of security, and flexibility has a nasty habit of coming back to cause problems.

- Matt

[1] I don't keep a tally, but for a period of several years I was doing one every couple of days -- sometimes multiple per day -- so "hundreds" is not an unreasonable estimate.

-- 
To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/57bf43f1-6691-48ed-a7a9-d4d8dde984a8%40mtasv.net.
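The point Matt makes about a public key not being a stable identifier can be shown concretely. The Python below is an added illustration, not code from this thread or from any ACME implementation or I-D: it models an ACME account as a server-assigned URL plus a current key, performs an RFC 8555 section 7.3.5 key change (the operation an operator runs after a key is found to be disclosed or simply on a rotation schedule), and compares a delegation suffix derived from the account URI with one derived from the account key. The key-derived suffix uses the RFC 7638 JWK thumbprint, which is what ACME itself hashes in key authorizations; the two `suffix_from_*` schemes, the sample keys and the account URL are constructed for the example and are not any real scheme or key material.

```python
import base64
import hashlib
import json

# Members that RFC 7638 hashes for each key type (any other member is ignored).
THUMBPRINT_MEMBERS = {
    "RSA": ("e", "kty", "n"),
    "EC": ("crv", "kty", "x", "y"),
    "OKP": ("crv", "kty", "x"),
}


def b64url(data: bytes) -> str:
    """base64url without padding, as used throughout JOSE and ACME."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def thumbprint_input(jwk: dict) -> str:
    """Canonical JSON that RFC 7638 hashes: required members only, sorted, no whitespace."""
    members = THUMBPRINT_MEMBERS[jwk["kty"]]
    return json.dumps({m: jwk[m] for m in members}, sort_keys=True, separators=(",", ":"))


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 JWK thumbprint: SHA-256 of the canonical JSON, base64url encoded."""
    return b64url(hashlib.sha256(thumbprint_input(jwk).encode("utf-8")).digest())


def suffix_from_key(jwk: dict, length: int = 16) -> str:
    """Hypothetical delegation label derived from the account *key*."""
    return hashlib.sha256(jwk_thumbprint(jwk).encode("ascii")).hexdigest()[:length]


def suffix_from_uri(account_url: str, length: int = 16) -> str:
    """Hypothetical delegation label derived from the account *URI*."""
    return hashlib.sha256(account_url.encode("utf-8")).hexdigest()[:length]


class AcmeAccount:
    """Minimal model of an ACME account: a server-assigned URL plus the current key."""

    def __init__(self, url: str, jwk: dict):
        self.url = url
        self.jwk = jwk

    def rollover(self, new_jwk: dict) -> None:
        """RFC 8555 section 7.3.5 key change: the key is replaced, the account URL is not."""
        if thumbprint_input(new_jwk) == thumbprint_input(self.jwk):
            raise ValueError("new key must differ from the current key")
        self.jwk = new_jwk


# Constructed sample keys: placeholder coordinates, not real key material.
OLD_KEY = {"kty": "EC", "crv": "P-256", "x": "old-x-coordinate", "y": "old-y-coordinate", "kid": "ignored"}
NEW_KEY = {"kty": "EC", "crv": "P-256", "x": "new-x-coordinate", "y": "new-y-coordinate"}
ACCOUNT_URL = "https://acme.example/acme/acct/12345"  # constructed, not a real CA


def compare_suffixes_across_rollover():
    """Return (uri suffix before, uri suffix after, key suffix before, key suffix after)."""
    acct = AcmeAccount(ACCOUNT_URL, OLD_KEY)
    before = (suffix_from_uri(acct.url), suffix_from_key(acct.jwk))
    acct.rollover(NEW_KEY)  # e.g. after the old key was found to be publicly disclosed
    after = (suffix_from_uri(acct.url), suffix_from_key(acct.jwk))
    return before[0], after[0], before[1], after[1]


if __name__ == "__main__":
    u0, u1, k0, k1 = compare_suffixes_across_rollover()
    print("URI-derived suffix unchanged after key rollover:", u0 == u1)
    print("Key-derived suffix unchanged after key rollover:", k0 == k1)
```

Running it shows the URI-derived suffix surviving the key change while the key-derived one does not. Any record a delegate operator keyed on the key-derived value is then either orphaned or, worse, still bound to the retired (possibly compromised) key, which is the operational cost of treating the key as an identifier that the thread is arguing about.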
