Automated Certificate Management Environment (ACME) Challenges Using an Authority Token
draft-ietf-acme-authority-token-09

Discuss

(Benjamin Kaduk)

Yes

Roman Danyliw

No Objection

Erik Kline
Francesca Palombini
John Scudder
Murray Kucherawy
Warren Kumari
Zaheduzzaman Sarker
Éric Vyncke
(Lars Eggert)
(Martin Duke)
(Martin Vigoureux)
(Robert Wilton)

Note: This ballot was opened for revision 07 and is now closed.

Roman Danyliw
Yes
Erik Kline
No Objection
Francesca Palombini
No Objection
Comment (2021-11-30 for -07) Sent 
Thank you for the work on this document.

I support Ben's DISCUSS, in particular the inconsistencies between definition and examples for the "atc" claim (array vs object, "ca" defined as 4th optional field in an array), and his thoughtful COMMENTs, I found myself having the same questions about some of them, so will be looking out for your answers to those as well. 

Additionally, I would suggest to add a Description column to the IANA ACME Authority Token Challenge Type Registry, containing some short description of what the types defined are. 

Francesca
John Scudder
No Objection
Murray Kucherawy
(was Discuss) No Objection
Comment (2021-12-01 for -08) Sent for earlier 
I suggest that Section 7.1 should explicitly reference "the ACME Validation Methods sub-registry of the Automated Certificate Management Environment (ACME) Protocol registry group" or something like that.  Also, I concur with Francesca's suggestion regarding this section.
Warren Kumari
No Objection
Comment (2021-11-30 for -07) Not sent 
Much thanks to Ron Bonica for the OpsDir review.
Zaheduzzaman Sarker
No Objection
Comment (2021-12-02 for -07) Not sent 
Thanks for working on this document. I didn't noted transport related issues in my review.
Éric Vyncke
No Objection
Comment (2021-11-26 for -07) Sent 
Thank you for the work put into this document. 

Please find below some non-blocking COMMENT points (but replies would be appreciated even if only for my own education), and some nits.

Special thanks to Rich Salz for the shepherd's write-up about the WG consensus (and I noted the mix of STIR & ACME).

I hope that this helps to improve the document,

Regards,

-éric

I am trusting Roman and the authors, but I wonder where a replay attack protection is described ?

Did the STIR/ACME WG consider the use of "ticket" rather than "token" ?

-- Section 1 --
Authors may consider to remove the last paragraph has it could be read as limiting this I-D to the STIR use case (even with the leading "for example")

-- Section 8 --
The first § explicitly request TLS (what about QUIC BTW) and the last § is less specific as it only requests "MUST use confidentiality". Is there any reason for this slight difference ?

== NITS ==

-- Section 4 --
Isn't "JWT token" redundant as the "T" in "JWT" is already "token" ;-)
Benjamin Kaduk Former IESG member
Discuss
Discuss [Treat as non-blocking comment] (2021-11-27 for -07) Sent 
(1) Let's talk briefly about how JWT issuers are identified.  Section 4
has some text:

   For this ACME Authority Token usage of JWT, the payload of the JWT
   OPTIONALLY contain an "iss" indicating the Token Authority that
   generated the token, if the "x5u" element in the header does not
   already convey that information; typically, this will be the same
   location that appeared in the "token-authority" field of the ACME
   challenge.  [...]

While "iss" is the default way to identify a JWT issuer, the JWT BCP
(RFC 8725, BCP 225) does not make a strong recommendation that it is the
preferred way to do so, with the implication that other ways to identify
the issuer are reasonable.  However, the text here only mentions the
"x5u" element as an alternative to "iss" for identifying the issuer,
which does not seem to be a comprehensive depiction of the JWT
ecosystem.  Issuers could be identified by other X.509 related protected
headers such as "x5c", or in some situations just by the key used for
signing (when that key is accompanied by other configured metadata),
among other things.  So, I don't understand why we call out "x5u"
specifically here and apparently don't allow other ways of identifying
the issuer.

(2) We seem to describe the contents of the "atc" JWT claim as an array
in §4, but the examples show its payload as a JSON map.  Which is
correct?

(3) I'd also like to have a (hopefully brief) discussion about the
properties that we do and do not provide as relates to binding an
authority token to an ACME client.

In particular, in the REST API to the Token Authority, we have the
client provide the fingerprint of its ACME key/identity, but the Token
Authority does not do any validation on that value and is expected to
just include it directly in the issued token.  This means that some
other entity X who is not the legitimate client but knows their key
(fingerprint), and is also authorized to use a given identifier by the
Token Authority, could cause a token to be issued that references the
legitimate client's key.  (Note that X could learn the fingerprint of
the client by, e.g., being a semi-trusted CDN in front of the ACME
server as considered by RFC 8555§10.1.)  That token would then only be
useful by the legitimate client, and so there would need to be some
other vulnerability that lets X trick the client into using that token,
but it still seems that we have broken the chain of custody that would
let us claim that the authority token was generated "based on a request
from the client" (§3.3).  In particular, it seems that (with these
preconditions) we might have a scenario where a client gets issued a
certificate for numbers that it is not actually authorized for!
This weakness does not immediately lead to an obvious vulnerability, as
it requires two additional factors to be exploited -- the attacker must
themselves be authorized at the Token Authority, and there needs to be
some as-yet-unknown mechanism for the attacker to cause the client to
use this new/different token -- but I think we at a minimum need to
document the properties that we don't provide.

We could choose to make the mechanism more complicated and close off
this loophole by requiring proof of possession in the request to the
token authority.  The obvious way to do this robustly would require
another round trip, though, to let the token authority provide a nonce
that the proof of possession is provided over.  Sometimes we can use a
TLS Exporter value to save on that round-trip, but I haven't thought
through very carefully what that would look like here.  The request to
the token authority would probably need to convey the entire public key,
not just the fingerprint, so that the signature could be verified.

There's another risk relating to thumbprints that is probably worth
documenting -- we in effect are hardcoding a dependence on SHA256 for
the fingerprints.  (I'm happy to see that the wire-format of the
thumbprint does identify the hash function used, so a transition
mechansims should be pretty straightforward.)  In light of the BCP 201
guidance for building in algorithm agility, I think we should say that
we are hardcoding SHA256 and SHA256 is believed to still be quite strong
(the SHA-3 contest helped solidify that position), but if a second
preimage attack for SHA256 is found, an issued authority token could be
used with a different ACME account key.  We can also go on to say that
in that event, implementations can migrate to using a different hash
function for the fingerprints due to the in-band hash function
identification in the fingerprint field.  Such a transition would
require a new RFC to actually specify the details of the new behavior,
but would not be very invasive to implementations.

(4) We mention almost in passing that the tkauth-01 challenge type has a
new "token-authority" field that designates a location where a token can
be acquired.  I think we need to have some more explicit discussion of
the semantics of this field and how it's populated, especially in light
of how this document implies that typical usage will include
"token-authority" but the companion document implies that
"token-authority" will not be in common usage.  We definitely need some
discussion of the security considerations of having party X tell the
client to go authenticate to party Y and do some thing; this type of
flow is very prone to enabling phishing attacks where the client gives
party Y credentials that party Y is not supposed to have.  In many cases
it ends up being a de facto requirement that the client is configured
with a specific list of allowed values for "party Y" and must reject
anything not known to be trusted.  (So, in this case, that would have
the client reject any token authority URLs that are not in this
preconfigured allow-list.)
Lars Eggert Former IESG member
No Objection
No Objection (2021-11-29 for -07) Sent 
This document seems to have unresolved IANA issues.

In Section 7.1, you might want to include a specific "Note to the RFC Editor"
instructing them on how to handle "[RFCThis]".

Thanks to Linda Dunbar for their General Area Review Team (Gen-ART) review
(https://mailarchive.ietf.org/arch/msg/gen-art/aG97YZgQmi6tGHVt--QW3dV0rfY).

-------------------------------------------------------------------------------
NIT
-------------------------------------------------------------------------------
All comments below are about very minor potential issues that you may choose to
address in some way - or ignore - as you see fit. Some were flagged by
automated tools (via https://github.com/larseggert/ietf-reviewtool), so there
will likely be some false positives. There is no need to let me know what you
did with these suggestions.

Section 1. , paragraph 3, nit:
> cture for Authority Tokens, defines a the Authority Token format along with a
>                                     ^^^^^
Two determiners in a row. Choose either "a" or "the".

Section 3. , paragraph 4, nit:
> r a number of different namespaces; other might be specific to a particular t
>                                     ^^^^^
It seems that the plural noun "others" fits better in this context.
Martin Duke Former IESG member
No Objection
No Objection (for -07) Not sent 

                            

                        
                    

                
            
                
                    

                        

                            Martin Vigoureux Former IESG member
                        

                        

                            
                            No Objection
                            
                        

                    

                    

                        

                            

                                No Objection 
                                
                                    (for -07)
                                
                                
                                    
                                         Not sent
                                    
                                
                            

                        

                        
                            

                                

                            

                        
                    

                
            
                
                    

                        

                            Robert Wilton Former IESG member
                        

                        

                            
                            No Objection
                            
                        

                    

                    

                        

                            

                                No Objection 
                                
                                    (2021-11-29 for -07)
                                
                                
                                    
                                         Sent
                                    
                                
                            

                        

                        
                            

                                
Hi,

Thanks for this.  I don't know much about ACME.  Hence only some minor comments/suggestions.

1.  Introduction

   It enables administrative entities to prove
   effective control over resources like domain names, and automates the
   process of generating and issuing certificates that attest control or
   ownership of those resources.

   In some cases, proving effective control over an identifier requires
   an attestation from a third party who has authority over the
   resource,

I note that you use "identifier" in the first part of the sentence and then
"resource" in the second, and wanted to check that these shouldn't both be "resource".


4.  Authority Token Challenge tkauth-type Registration

                                      In addition to helping to manage
   replay, the "jti" provides a convenient way to reliably track with
   the same "atc" Authority Token is being used for multiple challenges
   over time within its set expiry.
   
I found this sentence hard to scan/understand.


        {
    "protected": base64url({
         "typ":"JWT",
     "alg":"ES256",
     "x5u":"https://authority.example.org/cert"
        }),
    "payload": base64url({
         "iss":"https://authority.example.org/authz",
     "exp":1300819380,
     "jti":"id6098364921",
     "atc":{"tktype":"TnAuthList","tkvalue":"F83n2a...avn27DN3==","fingerprint":
     "SHA256 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:71:D3:BA:B9:19:81:F8:50:
     9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"}
        }),
     "signature": "9cbg5JO1Gf5YLjjz...SpkUfcdPai9uVYYQ"
        }
		
The alignment of the rows of this JSON looks somewhat strange.  Aligning the fields may make it more readable.

5.  Acquiring a Token

   MUST support an HTTPS REST interface

Is REST well defined enough to be an RFC 2119 MUST?  Does this need a reference to what constitutes a REST interface that would be compliant with this specification?

Thanks,
Rob