Add a reminder about IP address privacy to the manual mode client #991

Closed
jsha opened this issue Oct 15, 2015 · 3 comments

Comments

@jsha
Contributor

jsha commented Oct 15, 2015

People may decide to run, e.g., the manual authenticator from their laptop rather than from the server. This will work fine. However, the Let's Encrypt privacy policy states that we will retain and publish IP addresses associated with ACME validation requests, including requestor IP. This is unremarkable when running the client on the same machine where a cert will be deployed. When running the client on a personal machine, this behavior will be unexpected to anyone who hasn't read the privacy policy.

We should do a check that the resolved names being authorized point at the current machine. If they don't, we should provide a notice to the user that their IP address will be published, along with a link to the privacy policy.

@pde pde modified the milestones: Nice for 1.0, Wishlist Oct 16, 2015
@pde
Member

pde commented Oct 16, 2015

It's extremely difficult to determine if you are on the machine that DNS points to for a given name. You have to learn your public IP. You might be on Amazon, where you think you have a private IP, but some public IP actually routes to you.

Instead, Brad suggested a simpler approach of having the manual installer say something like "NOTE: The IP of this machine will be publicly logged as having requested this certificate. If you're running letsencrypt in manual mode on your laptop, please ensure you're okay with that."

@pde pde changed the title Warn when running from a different host than authorizing Add a reminder about IP address privacy to the manual mode client Oct 16, 2015
@jsha
Contributor Author

jsha commented Oct 16, 2015

Agreed it's very difficult. However, we probably want to try in a few other places anyhow. For instance, when validating that we've correctly provisioned a challenge.

@jsha
Contributor Author

jsha commented Oct 16, 2015

To expand on that a bit more: to validate a challenge, we probably want to look up the DNS for the name being validated and connect to the first IP we see. If we fail, we should give an informative message.

Similarly, if we want to check whether someone's likely on a different machine than their server, we can start up a little server at startup and try to connect to it by the IP we look up.

Although, now that I say it, I realize that that's not an option in manual mode.

At any rate, having a hardcoded warning on manual mode is fine for now, I think. :-)
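
The check discussed in this thread, as an added example that is not part of the issue and is not code from the Let's Encrypt client: it compares the addresses DNS returns for each name with the addresses the local host uses, and reports "unknown" in the NAT case raised above, which is why it ends up showing the notice almost as often as a hardcoded warning would. All function names are hypothetical, and the probe addresses are documentation-range values used only to select a route.

```python
import ipaddress
import socket

# Ranges that are normally translated before reaching the Internet.
NAT_RANGES = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10", "fc00::/7")]
NOTICE = ("NOTE: The IP of this machine will be publicly logged as having "
          "requested this certificate.")

def behind_nat(addr):
    return any(addr.version == net.version and addr in net for net in NAT_RANGES)

def resolve(name):
    """Addresses DNS returns for name; empty set if resolution fails."""
    try:
        infos = socket.getaddrinfo(name, 80, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return set()
    return {ipaddress.ip_address(i[4][0].split("%")[0]) for i in infos}

def local_addresses():
    """Outbound source addresses; UDP connect() picks a route, sends nothing."""
    found = set()
    for family, probe in ((socket.AF_INET, "192.0.2.1"),
                          (socket.AF_INET6, "2001:db8::1")):
        try:
            with socket.socket(family, socket.SOCK_DGRAM) as s:
                s.connect((probe, 9))
                found.add(ipaddress.ip_address(s.getsockname()[0]))
        except OSError:
            pass  # no route for this address family
    return found

def classify(name_addrs, local_addrs):
    """'local': DNS points at an address we hold. 'unknown': lookup failed, or
    we only hold NAT-range addresses that some public IP may map to.
    'remote': we hold a public address and DNS points elsewhere."""
    if name_addrs & local_addrs:
        return "local"
    if not name_addrs or all(behind_nat(a) for a in local_addrs):
        return "unknown"
    return "remote"

def check(names, local_addrs, resolver=resolve):
    return {name: classify(resolver(name), local_addrs) for name in names}

def notice_for(results):
    """Return the notice unless every name is known to point at this host."""
    return NOTICE if any(s != "local" for s in results.values()) else None
```

Call `notice_for(check(names, local_addresses()))` before requesting validation; the optional `resolver` argument exists so the logic can be exercised without network access.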
