This repository has been archived by the owner on Apr 24, 2020. It is now read-only.

Rewords token entropy justification. #284

Merged
merged 6 commits into from
Apr 17, 2017
23 changes: 16 additions & 7 deletions draft-ietf-acme-acme.md
Expand Up @@ -1867,7 +1867,7 @@ type (required, string):

token (required, string):
: A random value that uniquely identifies the challenge. This value MUST have
at least 128 bits of entropy, in order to prevent an attacker from guessing it.
at least 128 bits of entropy.
Contributor

This same change should be made on line 1972 and line 2074.

Collaborator Author

@zjs Good catch - thanks! Updated in 1eece0d

It MUST NOT contain any characters outside the base64url alphabet, including
padding characters ("=").
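
Review bot: With "in order to prevent an attacker from guessing it" dropped from the entropy sentence in this token definition, the MUST now stands with no stated reason at the point where implementers read it. Consider a pointer to the new section, for example "at least 128 bits of entropy (see the Token Entropy section)". Also, this hunk leaves "It MUST NOT contain any characters outside the base64url alphabet, including" on its own line while the other two token definitions reflow it onto the entropy line; reflowing here as well would keep the three copies identical.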

Expand Down Expand Up @@ -1969,9 +1969,8 @@ type (required, string):

token (required, string):
: A random value that uniquely identifies the challenge. This value MUST have
at least 128 bits of entropy, in order to prevent an attacker from guessing it.
It MUST NOT contain any characters outside the base64url alphabet, including
padding characters ("=").
at least 128 bits of entropy. It MUST NOT contain any characters outside the
base64url alphabet, including padding characters ("=").

~~~~~~~~~~
GET /acme/authz/1234/1 HTTP/1.1
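
Review bot: This token definition is word-for-word the same as the ones at the other two changed locations, so the edit had to be repeated by hand in each, and the review comment above shows two of the copies were missed at first. Consider stating the token requirements (128 bits of entropy, base64url alphabet, no "=" padding) once and having each challenge type refer to that single definition, so future wording changes cannot drift between copies.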
Expand Down Expand Up @@ -2071,9 +2070,8 @@ type (required, string):

token (required, string):
: A random value that uniquely identifies the challenge. This value MUST have
at least 128 bits of entropy, in order to prevent an attacker from guessing it.
It MUST NOT contain any characters outside the base64url alphabet, including
padding characters ("=").
at least 128 bits of entropy. It MUST NOT contain any characters outside the
base64url alphabet, including padding characters ("=").

~~~~~~~~~~
GET /acme/authz/1234/2 HTTP/1.1
Expand Down Expand Up @@ -2761,6 +2759,17 @@ server is in a default virtual host configuration. Conversely, if the TLS
server returns an unrecognized_name alert, then this is an indication that the
server is not in a default virtual host configuration.

## Token Entropy

The http-01, tls-sni-02 and dns-01 validation methods mandate the usage of
a random token value to uniquely identify the challenge. The value of the token
is required to contain at least 128 bits of entropy for the following security
properties. First, the ACME client should not be able to influence the ACME
server's choice of token as this may allow an attacker to reuse a domain owner's
previous challenge responses for a new validation request. Secondly, the entropy
requirement prevents ACME clients from implementing a "naive" validation server
that automatically replies to challenges without participating in the creation
of the intial authorization request.

# Acknowledgements
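
Review bot: The first property in the new Token Entropy paragraph (the client "should not be able to influence the ACME server's choice of token") depends on who generates the token rather than on the 128-bit figure, and the paragraph never says that the server generates it. Suggest stating that explicitly and, since the "prevent an attacker from guessing it" wording is removed from the token definitions, saying here that the token must be unpredictable to the client. Minor: "intial" in the last line should be "initial", and "First ... Secondly" should be made parallel.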
