Aaron, I have a related/unrelated question, which I was hoping to answer tomorrow by "reading the source" (to certbot), but ...
Aaron Gable <aaron=40letsencrypt....@dmarc.ietf.org> wrote:
> Sorry, but this doesn't make sense to me. If the adversary is on the ACME
> client, then it doesn't matter that they don't have access to the keypair
> that the victim wants to include in the certificate. The adversary can
just
> generate their own keypair, create their own CSR, and complete any
> proof-of-possession challenges for that key -- because they do in fact
> possess it.
ACME's newAccount generates a key which is used to authenticate all
transactions.
I'm unclear from reading 8555 if this key is retained across orders
(like a renewal 60 days later), or if a new key is generated each time.
Is the newAccount key always the same key as the CSR key?
my /etc/letsencrypt/keys has 138 key files, which appear to be from each time
certbot has run and done something (since 2018ish). They seem to be the
private keys associated with the certificates that were issued.
I think that in effect, due to the newAccount and way in which JWS are used
for authentication, that every single ACME transaction **already** does PoP for
the private key involved.
--
Michael Richardson <mcr+i...@sandelman.ca> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Acme mailing list -- acme@ietf.org To unsubscribe send an email to acme-le...@ietf.org
