Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Okay, I think I understand what you're saying now: this is similar to the attack described by 'rcxdude here[1].

I interpreted the original comment that started this thread to imply an attack on ACME itself, not the fact that ACME can't detect the difference between someone who legitimately controls a domain and someone who illegitimately controls a domain. As far as I know, that's considered a more general defect in the Web PKI, one that predates ACME substantially.

[1]: https://news.ycombinator.com/item?id=37567200



Yes, it is the same. I agree, it is not ACME's fault, ACME just makes it simpler due to the automation.


ACME doesn’t require control over the DNS record though. It has a mode where it issues a challenge and you put it on port 80 of your web server.

The DNS based attack would be harder than doing that, for, say, a malicious cloud vendor to implement.

Also, you don’t need a private key to bootstrap a new domain with a new ACME provider.


The HTTP-based challenge is similar in scope to the DNS one: an attacker would still need the target’s private key to actually impersonate the ACME session itself.

Put another way: this is still not an issue with ACME itself, but the fact that the Web PKI is built on top of unauthenticated substrates (primarily DNS). If someone (like your cloud provider) can demonstrate control of your domain, then it is ipso facto their domain as well. ACME can’t solve that any more than the previous generation of DV techniques could.


I understand. I just used the DNS challenge as an example. I generally use the DNS challenge since I can assign certs on my private network more easily (the zone is public.)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: