On Wed, Oct 24, 2018 at 10:02:09PM +0300, Kas wrote: > > > On 10/24/2018 8:30 PM, Eric Rescorla wrote: > > Kas, > > > > I've read through this entire thread, and TBH, I really don't understand > > what threat you are concerned with. > > > > Can you please describe the specific attack you have in mind? > > > > -Ekr > > > > Hi Eric, > > I am not talking about a threat or kind of attack per se, please let me put > the points i trying to convoy in short : > 1_ MitM is a threat, as there is no way for acme client to make sure he is > talking to the intended acme server not to an impersonator, according to > current draft of acme protocol you should :
AFAIK, the impersonator can not tamper with the requests undetected due to the request nonces, request signatures and key authorization including the key fingerprint. Such impersonator could still try to cause denial of service (including via feeding bogus certificate to the client) or try to attack the client (including escape sequence attacks and protocol implementation bugs). A well-made client should resist such attacks (other than brute denial of service which one can not do anything with). If you look at Let's Encrypt, they use a CDN, which is definitely not a trusted component (nor it can be)... -Ilari _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
