You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
People may decide to run, e.g. the manual authenticator from their laptop rather than from the server. This will work fine. However, the Let's Encrypt privacy policy states that we will retain and publish IP addresses associated with ACME validation requests, including requestor IP. This is unremarkable when running the client on the same machine where a cert will be deployed. When running the client on a personal machine, this behavior will be unexpected to anyone who hasn't read the privacy policy.
We should do a check that the resolved names being authorized point at the current machine. If they don't we should provide a notice to the user that their IP address will be published, along with a link to the privacy policy.
The text was updated successfully, but these errors were encountered:
It's extremely difficult to determine if you are on the machine that DNS points to for a given name. You have to learn your public IP. You might be on Amazon, where you think you have a private IP, but some public IP actually routes to you.
Instead, Brad suggested a simpler approach of having the manual installer say something like "NOTE: The IP of this machine will be publicly logged as having requested this certificate. If you're running letsencrypt in manual mode on your laptop, please ensure you're okay with that.."
pde
changed the title
Warn when running from a different host than authorizing
Add a reminder about IP address privacy to the manual mode client
Oct 16, 2015
Agreed it's very difficult. However, we probably want to try in a few other places anyhow. For instance, when validating that we've correctly provisioned a challenge.
To expand on that a bit more: to validate a challenge, we probably want to look up the DNS for the name being validated and connect to the first IP we see. If we fail, we should give an informative message.
Similarly, if we want to check whether someone's likely on a different machine than their server, we can start up a little server at startup and try to connect to it by the IP we look up.
Although, now that I say it, I realize that that's not an option in manual mode.
At any rate, having a hardcoded warning on manual mode is fine for now, I think. :-)
People may decide to run, e.g. the manual authenticator from their laptop rather than from the server. This will work fine. However, the Let's Encrypt privacy policy states that we will retain and publish IP addresses associated with ACME validation requests, including requestor IP. This is unremarkable when running the client on the same machine where a cert will be deployed. When running the client on a personal machine, this behavior will be unexpected to anyone who hasn't read the privacy policy.
We should do a check that the resolved names being authorized point at the current machine. If they don't we should provide a notice to the user that their IP address will be published, along with a link to the privacy policy.
The text was updated successfully, but these errors were encountered: