The idea behind Bifrost is to provide clients a mechanism to create unique identities and register with a central authority, without having to provide sensitive information like passwords or API keys.
Yeah I understood this, the issue I'm facing here is the following:
When I grant access to services/information based on certificates presented to me by a client, then I want to make damn sure that the certificate is not handed out to someone that shouldn't have it.
So reading stuff like this:
The server is stateless and doesn’t store any information about clients. The server is also unauthenticated, meaning that anyone can request a certificate.
I'm not entirely sure if I want that. Also I'm not entirely sure if I want to sign certificates w/o having any kind of log so that I can revoke those later.
Similar to this:
Operators use an out-of-band mechanism to verify and trust client UUIDs.
and this:
Place it behind a network-based protection mechanism (reverse proxy, secure gateway, firewall);
So I have to provide a mechanism that allows me to identify the client in the first place to then hand out certificates that are being used to identify the client. It feels like we're either producing a security problem (no checks, see above) or we’re fixing an issue we don’t have as we’re already able to identify the client properly, while that identification needs to be done by other means that usually involve API-keys, passwords or similar things.
Which one is it?
Don't get me wrong here, I'm sure there are certain scenarios where mutual or client authentication can only be done using X.509 certificates, I’m not denying that, I just don’t understand how this scenario should play out.
Yeah that part about deploying could use a lot more context.
The idea is that any client can go and get itself a certificate and talk to your application server.
All clients start off "un-verified" or "deactivated", until an operator comes around and verifies them by their UUIDs.
Once they are trusted, they continue talking to your app servers but now they can access more privileged endpoints.
This access control is as simple as storing a trusted boolean alongside client UUIDs.
You could also deploy the CA inside an isolated network. Such as deploying it as Kubernetes service, so that only pods running inside the cluster can certify themselves.
It's a very simple (and cheaper) alternative to running AWS Private CA instances or hosting SmallStep's CA yourself.
Yeah listen, the more I look at this, the less sense it makes. It’s pretty simple:
I understand the server running on http only has the possibility in mind that there is a reverse proxy that terminates TLS. That’s fine. Running the server in plain http I’m having problems because the identifying credentials are transfered in plain text, visible for anyone that can monitor the network traffic.
Running something like this inside a DC where, in theory, no third party has access to the server or network may be fine as well, but the problem you’re trying to solve here, I don’t see it.
The only way to revoke acces in an X.509 environment is by revoking the client’s certificate unless you use some other means to identify the client, which in turn renders X.509 client authentication useless.
And using a CRL, even an incremental one, requires the server and the client to periodically fetch this file. Even with one minute intervals, there’s a one minute window were a compromised client can acccess the services and cause damage.
Also it seems that your stateless server neither creates a log of created certificates, for traceability, nor a CRL that it offers via HTTP. So w/o CRL you’re handing out certificates that you have zero control over.
I don’t know if that’s what you want, not even in a closed environment.
Everything you do, can be done with the help of a tab separated text file:
I'd suggest reading up a bit more about X.509 CSRs and Certificates before assuming that private credentials are being transmitted in the clear.
Nobody suggested that. But I said that it is said in the article that the UUID needs to be sent to the server to get the request signed and that the UUID is the only identifier while the server itself runs on HTTP, which is also said in the article. Now go and put 1&1 together. Btw, I read the RFCs, that's why I don't see the point in this setup.
I appreciate the somewhat misguided feedback because you did point out that the rationale isn't clear enough. The rest of it is questionable though.
There is no misguided feedback here. You want to go back to the drawing board and read up about x.509 and think stuff through. All you do is overcomplicating things by using x.509 instead of the UUID directly being blinded by the idea of some kind of security.
I'm talking about sending the CSR to the server that runs on http.
Bifrost CA server is a plain HTTP server that responds to X.509 Certificate Signing Requests (CSRs) sent via POST requests. The server validates CSRs, signs them, and returns signed certificates to clients.
*PLAIN* http server.
and also mentioning how operators can secure access to the server.
Also it says:
Bifrost recognises clients by their ECDSA P-256 key pairs. A client’s UUID is the hash of the public key and the namespace. The namespace is any UUID that identifies a domain or application.
When you send a CSR, the CSR contains the public key.
The HTTP header comparison at the end is so close but so far. The auth in the server is basically your tsv file.
You can't fake the UUID in mTLS because you need the actual private key to be present with the client when it makes a connection to the server. There's no way to fake this in TLS.
When I have the UUID, then I can get a CSR signed on the server because that's all that's needed. Creating a CSR creats my private key for the CSR and once the CSR is signed and the certificate is returned I have a valid keypair.
The CSR contains the digital signature of the public key that is requesting the certificate. So you absolutely need the private key to create a CSR. How would you create a CSR with just a public key?
The
certification request information consists of the entity's
distinguished name, the entity's public key, and a set of attributes
providing other information about the entity.
>The CSR contains the digital signature of the public key that is requesting the certificate. So you absolutely need the private key to create a CSR. How would you create a CSR with just a public key?
Do you really not know what you're talking about or are you trolling at this point?
Yes I understand that this is about "automatically" rolling out certificates, but what problem of that process is solved by this server?