/srv/irclogs.ubuntu.com/2012/10/18/#juju-dev.txt

davecheney	niemeyer: got a better fix for signing bug	00:58
davecheney	will propose in a few minutes	00:58
davecheney	niemeyer: did you fix lbox so it doesn't mess up the milestone of a bug ?	01:06
davecheney	if so, thank you :)	01:06
niemeyer	davecheney: Yo	01:08
niemeyer	davecheney: Morning	01:08
niemeyer	davecheney: I didn't yet, sorry	01:08
davecheney	niemeyer: weird, i wonder why lbox propose didn't screw up the milestone on https://bugs.launchpad.net/juju-core/+bug/1061941	01:19
davecheney	maybe because it's a different project	01:20
niemeyer	davecheney: Perhaps the milestone picking logic is actually right	01:48
niemeyer	davecheney: What I did was to deactivate 1.3 a while ago	01:48
davecheney	\o/ !	01:48
niemeyer	davecheney: Bed time here	02:34
niemeyer	davecheney: Have a good time	02:34
* niemeyer => zzzzzZZZ		02:34
wrtp	fwereade__: morning	07:28
fwereade__	wrtp, heyhey	07:32
wrtp	davecheney: hiya	09:17
wrtp	davecheney: if you have a moment, this evening, it would be great if you could try to provoke that test failure - i'd like to get that CL submitted.	09:18
davecheney	wrtp: that is the thing	09:23
davecheney	the test never fails	09:23
wrtp	davecheney: have you tried raising the iteration count?	09:23
wrtp	davecheney: (did you see my reply BTW?)	09:23
davecheney	i think i may not have	09:24
davecheney	basically i reveted state.go	09:24
davecheney	and the test still passed	09:24
davecheney	so, what is the test testing ?	09:24
wrtp	davecheney: i only replied an hour ago	09:24
wrtp	davecheney: it's testing a race condition	09:24
wrtp	davecheney: read my reply for details	09:24
davecheney	ok, i'll go upstairs and read it	09:24
wrtp	davecheney: ta	09:25
fwereade__	guys, I need to take a somewhat extended lunch; https://codereview.appspot.com/6734046 is pretty trivial if anyone is bored ;p	09:45
wrtp	fwereade__: reviewed	09:51
Aram	moin.	10:20
wrtp	Aram: hiya	10:29
wrtp	this fails for me.go test labix.org/v2/mgo	12:22
wrtp	could someone else try it, and let me know if the test passes, please.	12:23
Aram	one min\	12:23
wrtp	Aram: thanks	12:23
Aram	wrtp: failed	12:24
wrtp	Aram: thanks	12:24
Aram	wrtp: I remember now, actually.	12:25
Aram	it never passed for me	12:25
Aram	I remember that error from when I started using mgo	12:25
Aram	it never worked right here	12:25
wrtp	Aram: it's strange because it looks like that js is ok	12:25
wrtp	Aram: that is, i can't see how rs1a could be undefined.	12:25
wrtp	Aram: ah, i see	12:26
Aram	yeah	12:27
wrtp	Aram: maybe the server ports have changed or something	12:27
Aram	what momgodb version do you have?	12:27
Aram	this is 2.0.4	12:27
wrtp	Aram: the one we're using in ec2, i think	12:27
wrtp	Aram: 2.2.0	12:28
wrtp	Aram: hmm, i think it might be failing because i don't have a "supervisorctl" command	12:31
wrtp	(whatever that's supposed to do)	12:31
Aram	yeah, I don't have that either	12:32
wrtp	Aram: hmm, that doesn't seem to have fixed it	12:34
niemeyer	Moooorning	12:57
fwereade__	niemeyer, heyhey	13:01
wrtp	niemeyer: yo!	13:07
wrtp	niemeyer: any hints as to how i can get mgo tests passing? it seems like it's something to do with supervisord (which wasn't installed), but i've failed to get it working even when it is.	13:08
niemeyer	wrtp: You have to run make startdb	13:09
wrtp	niemeyer: ah!	13:09
niemeyer	wrtp: It sets up the 12 servers, etc	13:09
niemeyer	wrtp: It doesn't restart them across runs	13:09
wrtp	niemeyer: right - i see now. that was not so obvious :-)	13:10
niemeyer	wrtp: Anything you think is broken there?	13:14
wrtp	niemeyer: i just wanted to check that i could connect to mongodb with Go's TLS, so i made some changes to allow that and wanted to verify that everything was still working	13:15
wrtp	niemeyer: i do get one test failure, even after running startdb, BTW	13:15
niemeyer	wrtp: I will work on that on my own time	13:15
wrtp	niemeyer: it looks like session.DatabaseNames doesn't always return the names in sorted order	13:15
wrtp	niemeyer: ok. you don't want to accept it as a contribution?	13:15
niemeyer	wrtp: Is juju distributing TLS certificates properly? I'll happily take that as a contribution. :-)	13:16
wrtp	niemeyer: i need to talk with you about that	13:16
wrtp	niemeyer: i didn't want to build an implementation without deciding what to do first	13:17
niemeyer	wrtp: Understood.. the point is that I'm happy to use my own time to work on mgo as I've been doing since day one. We don't have to spend our time to do that.	13:17
wrtp	niemeyer: that's ok.	13:17
wrtp	niemeyer: it was only 10 minutes' work	13:17
niemeyer	wrtp: Cool, but it wouldn't be to implement it properly	13:18
wrtp	niemeyer: no? it's true i'm probably unaware of the subtleties	13:18
wrtp	niemeyer: i thought something like this was probably sufficient: http://paste.ubuntu.com/1286877/	13:19
niemeyer	wrtp: Quite possibly	13:24
niemeyer	wrtp: That's what Dave suggested too	13:24
wrtp	niemeyer: here's my half-baked plan for key distribution BTW: http://paste.ubuntu.com/1286895/	13:27
niemeyer	fwereade__: I think there was some misunderstanding on the Cleanup review	13:33
niemeyer	fwereade__: But perhaps it's for the best	13:33
fwereade__	niemeyer, oh, sorry, perhaps there was	13:34
fwereade__	niemeyer, what did I miss?	13:34
niemeyer	fwereade__: The suggestion was to run RemoveAll, but not to scan through all documents pending of cleanups at once	13:34
fwereade__	niemeyer, yes -- that changed because it appeared to make the code simpler, and I couldn't think of a serious drawback...	13:35
fwereade__	niemeyer, given that I was looping until I found a valid cleanup doc anyway, I thought it was easier to just keep on looping :)	13:36
wrtp	i've got to reboot. back in a mo.	13:36
niemeyer	fwereade__: It may only load the system at once a bit more, but it sounds worth trying	13:36
fwereade__	niemeyer, yeah, it seemed to follow the spirit of your other suggestions :)	13:36
niemeyer	fwereade__: I think the cleanups doc is fine to be deleted out of a transaction too, btw	13:37
fwereade__	niemeyer, I thought "better safe than sorry" there, on the basis that it's a new feature whose context is yet to be completely determined	13:38
niemeyer	fwereade__: We did its intended action before getting there, and the action is idempotent, so any mixup should be fine	13:38
fwereade__	niemeyer, true enough, happy to change	13:39
niemeyer	fwereade__: For clarity, the dangers we can incur by not using a transaction, in that specific case, is seeing the change being done again	13:40
niemeyer	fwereade__: Because if the transaction failed on the insert side before being finished, someone else will attempt to apply the transaction again, and may end up reinserting the doc	13:41
niemeyer	fwereade__: After that transaction is finished, that doc is never seen in a transaction again	13:41
niemeyer	fwereade__: So the worst that can happen is Cleanup running the same cleanup twice, which is not a big deal due to its nature	13:42
niemeyer	fwereade__: I suspect that will be true in general for cleanups	13:42
fwereade__	niemeyer, hope so :)	13:42
niemeyer	fwereade__: If you want me, I'll be in my bunker	13:43
fwereade__	haha	13:43
wrtp	niemeyer: any thoughts on my key distribution sketch above?	13:44
niemeyer	wrtp: I started reviewing a branch before you posted, and I haven't yet finished	13:45
wrtp	niemeyer: ok, np	13:45
wrtp	niemeyer: i wasn't sure you noticed the paste.	13:46
niemeyer	fwereade__: LGTM, thanks a lot for the rounds	13:47
niemeyer	wrtp: np	13:47
niemeyer	wrtp: SO..	13:47
=== wrtp is now known as rogpeppe
rogpeppe	niemeyer: so...	13:47
niemeyer	rogpeppe: We don't need --sslOnNormalPorts.. we don't even use normal ports	13:47
rogpeppe	niemeyer: ok. that just came from a web page. i'm not fully cognizant of the implications of all the mongod flags :-)	13:48
rogpeppe	niemeyer: (i thought perhaps it might allow non-ssl connections without that flag)	13:49
niemeyer	rogpeppe: We want --ssl, I think	13:50
niemeyer	rogpeppe: I don't have a lot of experience with ssl on mongo myself, to be honest	13:50
niemeyer	rogpeppe: 10gen plays a trick I don't find so nice	13:50
rogpeppe	niemeyer: i was going from this page: http://docs.mongodb.org/manual/administration/ssl/	13:50
niemeyer	rogpeppe: Their own packages don't have ssl built-in.. you have to pay for a subscription	13:51
rogpeppe	niemeyer: yeah, that's why you had to do your own build, right?	13:51
niemeyer	All things considered, I guess it's a fine way to stay in business, though	13:51
niemeyer	rogpeppe: Yeah	13:51
rogpeppe	niemeyer: if people can't be bothered to do a build, then it's their problem i guess.	13:52
rogpeppe	niemeyer: (you didn't have that easy a time of it AFAIR though!)	13:52
niemeyer	Hmm.. "Add the “ssl=True” parameter to a PyMongo".. I'll have to investigate what's the standard way drivers are handling that	13:52
niemeyer	"mongodb://localhost/?ssl=true&sslverifycertificate=false"	13:53
niemeyer	interesting..	13:53
niemeyer	Anyway, sorry, derail	13:53
niemeyer	rogpeppe: Only because it takes forever.. otherwise it was somewhat okay	13:54
niemeyer	rogpeppe: in your sketch, I'm not entirely sure of what lines 12-15 mean	13:54
rogpeppe	niemeyer: we've got to make the public key available somewhere outside of the state, right?	13:55
rogpeppe	niemeyer: and the server itself must generate the public key, i think	13:55
niemeyer	rogpeppe: Well, we can only generate the public key by generating the pair	13:55
rogpeppe	niemeyer: exactly	13:56
niemeyer	rogpeppe: I'm not sure we want to do that at the server side, though	13:56
niemeyer	rogpeppe: It means the client has to trust the server blindly, at least once	13:56
rogpeppe	niemeyer: and we don't want to make the private key available in cloudinit	13:56
rogpeppe	niemeyer: there's another way around that, i think, which is orthogonal to this	13:56
rogpeppe	niemeyer: which is to have a client-specified value that's put into the state.	13:57
niemeyer	rogpeppe: That's a bit related to that conversation we had the other day regarding push vs. pull	13:57
niemeyer	rogpeppe: Erm.. sorry	13:57
niemeyer	rogpeppe: That was confusng	13:57
niemeyer	rogpeppe: The conversation regarding bootstrapping via ssh rather than via cloud-init	13:58
rogpeppe	niemeyer: i remember the conversation	13:58
niemeyer	rogpeppe: Or perhaps via both, but pushing the changes via ssh	13:58
rogpeppe	niemeyer: don't we have the same problem there. we must trust the server blindly the first time.	13:58
niemeyer	rogpeppe: Let me look at how we bootstrap today for a sec.. just a moment	13:58
niemeyer	rogpeppe: Okay	14:01
niemeyer	rogpeppe: I guess the problem we have is pretty much the same as the problem we just solved with the password	14:02
rogpeppe	niemeyer: if we could write to environments.yaml, our problem would be simpler	14:02
niemeyer	rogpeppe: Seems like a red-herring	14:03
niemeyer	rogpeppe: How did we solve the problem of initializing the password?	14:03
rogpeppe	niemeyer: we changed it	14:04
niemeyer	rogpeppe: Yep	14:04
rogpeppe	niemeyer: but if the password is specified in environments.yaml, we can't do that.	14:04
niemeyer	rogpeppe: Hmm.. I lost you	14:04
niemeyer	rogpeppe: The password is specified in environments.yaml, and we do that	14:05
niemeyer	rogpeppe: environments.yaml seems like a red-herring	14:05
rogpeppe	niemeyer: perhaps i'm misunderstanding you. the password in environments.yaml is so we can authenticate ourselves to the server. what we're trying to do here is authenticate the server to the client, no?	14:05
niemeyer	rogpeppe: The problem we have is exactly the same.. we have a private key that we want the server to hold without exposing to everybody that can read cloud-init	14:06
rogpeppe	niemeyer: ok... so who generates the private key?	14:07
niemeyer	rogpeppe: We do	14:07
niemeyer	rogpeppe: The client	14:07
rogpeppe	niemeyer: how does that help?	14:07
rogpeppe	niemeyer: i suppose it means we don't have to wait for the public key to become available	14:08
niemeyer	rogpeppe: It's the only way for the client to be able to tell it's talking to the right server	14:08
rogpeppe	niemeyer: i don't see how it helps	14:08
niemeyer	rogpeppe: Hmm.. expand?	14:08
rogpeppe	niemeyer: when we connect for the first time after bootstrap, how do we tell if we're talking to the right server?	14:09
niemeyer	rogpeppe: When you connect to your bank in your browser, how can your browser tell it is talking to the right endpoint?	14:09
niemeyer	rogpeppe: (or at least hope so ;)	14:10
rogpeppe	niemeyer: because your browser has stored a public key of the bank.	14:10
niemeyer	rogpeppe: Almost, but close enough	14:10
rogpeppe	niemeyer: so where do we store the public key that we generate at bootstrap time?	14:11
rogpeppe	niemeyer: ah, i suppose we can use our local key to sign a certificate for the server	14:11
rogpeppe	niemeyer: and then use our local key as the root CA	14:11
rogpeppe	niemeyer: i'm not sure that works though	14:12
rogpeppe	niemeyer: hmm, maybe.	14:13
niemeyer	rogpeppe: Why?	14:13
rogpeppe	niemeyer: i guess we'd need another field in environments.yaml	14:15
rogpeppe	niemeyer: to hold the original signer's certificate	14:15
rogpeppe	niemeyer: we could overload authorized-keys, i suppose	14:15
niemeyer	rogpeppe: Uh.. why the obsession about environments.yaml?	14:16
niemeyer	rogpeppe: and how's authorized-keys related to the problem?	14:16
niemeyer	rogpeppe: This is the ssh key, and it works well	14:16
niemeyer	rogpeppe: No need to fiddle there	14:16
rogpeppe	[15:09:02] <rogpeppe> niemeyer: when we connect for the first time after bootstrap, how do we tell if we're talking to the right server?	14:17
niemeyer	<niemeyer> rogpeppe: environments.yaml seems like a red-herring	14:17
niemeyer	:)	14:17
rogpeppe	:-)	14:17
rogpeppe	niemeyer: i'm not sure how to answer my question above	14:17
niemeyer	rogpeppe: You've already answered it?	14:17
rogpeppe	niemeyer: my answer only works if we know what key signed the server's cert	14:18
niemeyer	rogpeppe: Of half of it, anyway	14:18
rogpeppe	niemeyer: and that's something that needs to be specified in environments.yaml AFAICS	14:18
niemeyer	rogpeppe: Exactly, that's what we're handing off the key to the server	14:18
niemeyer	s/what/why	14:18
niemeyer	rogpeppe: lOL	14:18
niemeyer	rogpeppe: We can do whatever we want.. yes, it may be in environments.yaml, it may be in ~/.juju/envname.cert, or whatever	14:19
rogpeppe	niemeyer: ok, so we've handed off the key to the server. now we connect again, and the server presents a certificate. how do we tell if that certificate is valid?	14:19
rogpeppe	niemeyer: ok, sorry. i was using environments.yaml as a place-holder for "somewhere with client configuration information". of course it could be stored elsewhere too.	14:21
niemeyer	rogpeppe: You've already answered it:	14:21
niemeyer	<rogpeppe> niemeyer: ah, i suppose we can use our local key to sign a certificate for the server	14:21
niemeyer	<rogpeppe> niemeyer: and then use our local key as the root CA	14:21
rogpeppe	niemeyer: the reason for the possible authorized-keys possible-red-herring is that we already have a local key, which we use to connect with SSH. we could use that very same key to sign the initial certificate.	14:22
rogpeppe	niemeyer: rather than requiring everyone to generate another key just for juju	14:22
niemeyer	rogpeppe: Nope.. different worlds	14:23
rogpeppe	niemeyer: ok	14:23
rogpeppe	niemeyer: so... in this proposed world, we have our own key distribution problem at the client side.	14:24
rogpeppe	niemeyer: everyone that needs to bootstrap an environment must have a private key signed by the root key	14:24
niemeyer	rogpeppe: This seems to put a simple problem in somewhat of a dark perspective	14:25
niemeyer	rogpeppe: I'd put it more lightly as	14:26
niemeyer	rogpeppe: When we bootstrap, we sign the key we hand off to the server	14:26
rogpeppe	niemeyer: i suppose i'm slightly concerned at the change in juju usage implied here. before, you could just bootstrap anywhere, and connect to the environment from any other place as long as you had an authorized ssh key.	14:28
niemeyer	rogpeppe: That feels like an entirely different context than the one we're talking about	14:29
rogpeppe	niemeyer: now you can only bootstrap if you've got a private key that is derived from the root key.	14:29
rogpeppe	niemeyer: (the root key being the one mentioned in the other environments.yaml files, so that they can connect)	14:29
niemeyer	rogpeppe: Sorry, I think either you see something I don't, or you're creating a picture that I'm not perceiving	14:30
niemeyer	rogpeppe: Generate key, sign, send to server, profit..	14:30
niemeyer	rogpeppe: Where's the pain coming from?	14:30
rogpeppe	niemeyer: connecting again	14:31
niemeyer	rogpeppe: yes?	14:31
rogpeppe	niemeyer: if i'm connecting from a different host, i've got to verify that the bootstrapped environment's key was signed by the original key	14:32
rogpeppe	niemeyer: so i need to know about the original key	14:32
niemeyer	rogpeppe: Yes you do need to know about the server certificate if you want to validate the server is who we think it is	14:32
niemeyer	rogpeppe: That's called authentication	14:32
niemeyer	rogpeppe: Something we conveniently ignore right now	14:33
rogpeppe	niemeyer: we're actually verifying the client that did the bootstrap in this case.	14:33
rogpeppe	i think	14:33
niemeyer	rogpeppe: ?	14:33
rogpeppe	niemeyer: that's where the chain of trust starts	14:34
rogpeppe	niemeyer: which seems good, actually.	14:34
rogpeppe	niemeyer: hmm, i guess we'll have to issue the initial certficate with a very limited lifespan.	14:38
rogpeppe	niemeyer: no that doesn't work	14:38
rogpeppe	niemeyer: i'm not sure how we'll do the interaction to sign the new key when first connecting to the state.	14:39
niemeyer	rogpeppe: We can create a temporary cert to sign the trashed private key	14:40
rogpeppe	niemeyer: the server does that?	14:41
niemeyer	rogpeppe: We cannot create the certificate in the server because then we cannot talk to the server and know we're talking to the right server	14:41
rogpeppe	niemeyer: perhaps we need to run a little server that the client connects to, reads the new public key from the server, and sends back a signed cert	14:41
rogpeppe	niemeyer: indeed	14:42
rogpeppe	niemeyer: but we can (and should) generate a new private key on the server, and get that signed	14:42
niemeyer	rogpeppe: We can generate the private key on the client and sign it on the client where we have the certificate	14:43
rogpeppe	niemeyer: how do we send it to the server?	14:44
rogpeppe	niemeyer: we could put it in the state, i guess, but that seems wrong to me	14:45
niemeyer	rogpeppe: Why?	14:47
rogpeppe	niemeyer: for the same reason we don't put admin-password in the state	14:48
niemeyer	rogpeppe: One of the reasons we don't put it in the state is because nobody needs it	14:49
rogpeppe	niemeyer: i thought it was a security issue too - we don't want anyone with access to the state to be able to impersonate the state server.	14:51
rogpeppe	s/thought it was/think it might be/	14:51
rogpeppe	niemeyer: of course, they can only do that if they subvert DNS too	14:52
niemeyer	rogpeppe: Give me access to the state without a private key, and I'll dig the key out of the state server in a short while	14:53
rogpeppe	niemeyer: that's true of all our passwords too, of course. (with the exception of admin-password itself)	14:53
niemeyer	rogpeppe: No, you cannot figure the password actually, but that's a derail	14:54
niemeyer	rogpeppe: The points are:	14:55
niemeyer	1) We're consciously not handling authorization anywhere yet	14:56
niemeyer	2) Anyone with access to the state today can do whatever they want	14:56
niemeyer	3) That includes getting access to the state server	14:56
niemeyer	4) We're walking towards having a true API that manages authorization	14:56
niemeyer	5) With authorization, we can prevent people from having access to things they shouldn't	14:57
niemeyer	6) Even in the future, anyone that gets access to a state server database will have the private key for the server anyway, no matter if the key sits within the state or not	14:57
niemeyer	That's it, I think	14:58
rogpeppe	niemeyer: i suppose it just feels more secure to have the server generate its own private key. but you're probably right that it's unnecessary.	14:59
niemeyer	rogpeppe: Well, I won't argue about that. If you know why it's more secure I'd be interested though.	15:00
rogpeppe	niemeyer: it means we're not leveraging future security on current security so much. once a state server has obtained an identity, it can keep it, knowing that no-one else has its private key. that said, i can't think of any attacks in particular that this enables.	15:02
niemeyer	rogpeppe: Yeah, I don't see where the "more secure" bits went in	15:03
niemeyer	rogpeppe: And I see a bunch of issues to solve, such as how to distribute keys to replica sets, and how to ensure the key isn't lost	15:04
wrtp	hmm, don't know why i was kicked of then	15:08
wrtp	niemeyer: last thing i saw: [16:04:15] <niemeyer> rogpeppe: And I see a bunch of issues to solve, such as how to distribute keys to replica sets, and how to ensure the key isn't lost	15:08
wrtp	off	15:08
niemeyer	wrtp: Yeah, that was it	15:08
wrtp	niemeyer: what was the last thing you saw me say?	15:08
niemeyer	wrtp: Nothing after that	15:09
wrtp	16:06:29] <rogpeppe> niemeyer: here's a thought: is it actually possible to change the server's key after it has started running?	15:09
wrtp	[16:06:52] <rogpeppe> niemeyer: or will we need to shut down mongod and restart it pointing to the new private key	15:09
wrtp	?	15:09
niemeyer	wrtp: Short term, I suppose we have to restart it	15:11
wrtp	niemeyer: and there's another issue too - how do we ensure that the original certificate (in cloud-init) isn't valid forever, while ensuring we can connect an arbitrary time after bootstrap	15:12
wrtp	?	15:12
niemeyer	Oct 18 11:40:53 <niemeyer> rogpeppe: We can create a temporary cert to sign the trashed private key	15:12
wrtp	niemeyer: i'm not sure quite what you mean by that	15:12
niemeyer	wrtp: Temporary cert?	15:12
niemeyer	wrtp: What part?	15:12
wrtp	niemeyer: yeah	15:13
niemeyer	wrtp: Sorry, can you explain what you don';t understand?	15:13
wrtp	niemeyer: do you mean a certificate with a short expiry time?	15:13
niemeyer	wrtp: No.. I mean creating a certificate that is itself temporary	15:13
wrtp	niemeyer: i'm not sure what that means	15:14
wrtp	niemeyer: stored temporarily?	15:14
niemeyer	wrtp: I don't know how to explain that more simply	15:14
niemeyer	wrtp: Yes	15:14
wrtp	niemeyer: but the cert is in the cloud-init data; how can it be stored only temporarily?	15:15
niemeyer	wrtp: No, the cert is local	15:15
niemeyer	wrtp: priv and pub keys are in cloud-init	15:15
wrtp	niemeyer: don't we need to pass a cert in the cloud-init too?	15:16
wrtp	niemeyer: because we need to sign it with the client's private key	15:16
niemeyer	wrtp: Hm?	15:17
wrtp	niemeyer: isn't that the basis of our security here?	15:17
wrtp	niemeyer: how else do we know that the certificate is valid when we're connecting to the state?	15:17
niemeyer	wrtp: Because we have the certificate with which the private key was signed	15:18
niemeyer	Erm	15:18
niemeyer	The public key	15:18
wrtp	niemeyer: the server has that certificate?	15:18
niemeyer	wrtp: Not necessarily, although we should probably send the public part of it as a sensible thing to do	15:18
niemeyer	wrtp: That's not what the security is based on, though	15:19
wrtp	niemeyer: oh, i think i start tosee.	15:19
wrtp	to see	15:19
niemeyer	wrtp: A private key is used to sign stuff, and to encrypt stuff for people to have the public key	15:19
wrtp	niemeyer: i know that.	15:20
niemeyer	wrtp: A public key is signed by a private part of the certificate so that people holding the public part of the certificate can attest that whoever handed off the public key was signed by the private part of the certificate	15:21
wrtp	niemeyer: i do know how pk auth works, i think	15:21
niemeyer	wrtp: My apologies, but that's exactly what I've been explaining	15:22
wrtp	niemeyer: i'm just not entirely sure what configuration you envisage here	15:22
wrtp	niemeyer: i think i might see. i was thinking that the private key would be generated at bootstrap time.	15:22
niemeyer	wrtp: and it will	15:23
niemeyer	Oct 18 11:30:45 <niemeyer> rogpeppe: Generate key, sign, send to server, profit..	15:26
wrtp	niemeyer: (sorry, i'm feeling particularly dense today)	15:26
wrtp	niemeyer: i thought that the server side of the TLS connection needed the signed certificate	15:27
niemeyer	wrtp: The server side needs a public key signed by the local certificate and a private key	15:30
wrtp	niemeyer: hmm, that's what i thought	15:31
wrtp	niemeyer: so that {public key signed by the local certificate} must go into the cloud-init data, right?	15:31
niemeyer	wrtp: The server side needs a public key signed by the local certificate and a private key	15:31
niemeyer	wrtp: Both need to go	15:31
wrtp	niemeyer: yeah, sure, the private key too	15:32
wrtp	how does that tally with this: [16:15:22] <niemeyer> wrtp: No, the cert is local	15:32
niemeyer	wrtp: "signed by the local certificate"?	15:33
wrtp	niemeyer: isn't a public key signed by the local certificate a certificate itself?	15:33
wrtp	niemeyer: i'm probably getting my terminology wrong, sorry.	15:34
niemeyer	wrtp: It can be if its respective private key is used to sign something else.. but I don't think that matters/	15:34
niemeyer	?	15:34
wrtp	niemeyer: (i was thinking that certificates can't sign things, only private keys can)	15:34
niemeyer	niemeyer> wrtp: A public key is signed by a private part of the certificate so that people holding the public part of the certificate can attest that whoever handed off the public key was signed by the private part of the certificate	15:34
wrtp	niemeyer: private-part-of-certficate == private-key, no?	15:35
wrtp	gah!	15:35
niemeyer	wrtp: I suggest reading a bit about PKI..	15:36
wrtp	niemeyer: i have read a certain amount, but obviously not the right bits...	15:37
niemeyer	wrtp: http://www.openssl.org/docs/HOWTO/certificates.txt	15:38
wrtp	niemeyer: that seems to agree with what i thought	15:39
wrtp	niemeyer: i.e. the private key is not part of the cert	15:40
niemeyer	wrtp: I'm sure.. we're debating this for ages just because we all understand things and are in deep agreement :)	15:40
wrtp	niemeyer: i'm sorry. but part of my confusion here is about terminology. when you say "public key signed by the local certificate", i find it confusing, because a certificate can't sign things.	15:42
wrtp	niemeyer: so i'm trying to get around to asking how we can limit the lifetime of the certificate we send to the server in the cloud-init data.	15:43
wrtp	niemeyer: i'm sorry we seem to be having difficulty here.	15:44
niemeyer	wrtp: Do you understand what a root certificate is?	15:45
wrtp	niemeyer: i believe so	15:45
niemeyer	wrtp: Okay.. what does it do?	15:46
wrtp	niemeyer: it verifies that some root private key has some attributes	15:47
niemeyer	wrtp: Hmm.. no..	15:47
niemeyer	wrtp: It signs things	15:47
niemeyer	wrtp: and there is both a private part of it, and a public part of it	15:47
wrtp	niemeyer: the public part of it is the certificate, i believe	15:48
wrtp	niemeyer: the private key is just a private key, that can be used to sign any number of certs	15:48
niemeyer	wrtp: Nope.. it's a pair	15:48
wrtp	niemeyer: if i want to sign a certificate request, i can use this command:	15:49
wrtp	openssl x509 -req -days 10000 -signkey $keyfile -out $certfile -in $reqfile	15:49
wrtp	niemeyer: that produces a certficate signed by the specified key file.	15:49
wrtp	niemeyer: there's no inherent pairing	15:50
niemeyer	wrtp: There all those fancy names, but in the end it's good old asymmetric crypto	15:50
wrtp	niemeyer: indeed	15:50
wrtp	niemeyer: the different thing about a root cert, i suppose, is that it's self-signed.	15:50
niemeyer	wrtp: So, you use the private part of the key pair that some call certificate, some call whatever they want, to sign things	15:53
wrtp	niemeyer: yup	15:53
niemeyer	wrtp: The root CA is the public part of it	15:54
wrtp	niemeyer: yup	15:54
niemeyer	wrtp: The thing we see and can check	15:54
wrtp	niemeyer: yup. but we also need to check the intermediate certificate too, right?	15:54
niemeyer	wrtp: The private part of the root CA is what signs the public keys we use in the server that you can also call certificate if you want	15:54
niemeyer	wrtp: If there is an intermediate certificate, yes	15:55
niemeyer	wrtp: Then the private key of the root CA signed the public key of the intermediate certificate, and the private key of the intermediate certificate signs the server public key or public certificate if you please	15:55
wrtp	niemeyer: in this case, there must be an intermediate certificate AFAICS because we don't send the root certificate to the cloud	15:55
wrtp	niemeyer: ok, in that sense we probably won't have an intermediate certificate. it's that last bit i'm talking about.	15:57
niemeyer	wrtp: The two last sentences contradict each other	15:57
wrtp	niemeyer: i realised that i meant a different thing to you by "intermediate certificate"	15:58
wrtp	niemeyer: hence "in that sense"	15:58
niemeyer	wrtp: Intermediate certificate in general is unambiguous	15:58
wrtp	niemeyer: in this case AFAICS, we've got two certificates in the first instance: the root cert and the cert that we give to the bootstrap instance.	15:59
niemeyer	http://en.wikipedia.org/wiki/Intermediate_certificate_authorities	15:59
niemeyer	wrtp: Yes	15:59
wrtp	niemeyer: so the latter cert goes in the cloud-init data, right?	16:00
niemeyer	wrtp: Yes, we have to send the private key and the public key for the server in cloud-init	16:01
wrtp	niemeyer: it's more than just the public key - it's the certificate (which includes expiry time, possible server name etc) too, right?	16:02
niemeyer	wrtp: We can call it shit if you want..	16:02
niemeyer	wrtp: Sorry.. I'm getting slightly tired by now	16:02
wrtp	niemeyer: i'm sorry, that's a big difference	16:02
wrtp	niemeyer: because a certificate is valid for a while	16:03
wrtp	niemeyer: so even if we change the private key, that certificate will still be valid	16:03
wrtp	niemeyer: so we could make the expiry time short	16:03
wrtp	niemeyer: but that would mean that if we didn't connect soon after bootstrap, then it'll expire and we'll lose access to our newly bootstrapped state	16:03
niemeyer	wrtp: I suggest we use a temporary certificate to sign the key instead, but you already knew that 1.5h ago	16:04
wrtp	niemeyer: who signs the temporary cert?	16:04
niemeyer	wrtp: Nobody.. the temporary CA cert is the thing that sings the server cert	16:04
wrtp	niemeyer: ah... so you're suggesting making a temporary root certificate when bootstrapping?	16:05
wrtp	niemeyer: and storing that somewhere on the client's machine	16:05
niemeyer	wrtp: http://en.wikipedia.org/wiki/Public_key_certificate	16:05
niemeyer	wrtp: Yes	16:07
wrtp	niemeyer: okaaay	16:07
wrtp	niemeyer: that's what i was trying to get at by saying (ages ago) that it would be nice if we could write to environments.yaml.	16:08
niemeyer	wrtp: ROTFL	16:08
niemeyer	wrtp: Sorry.. this is getting somewhat sad :)	16:09
niemeyer	wrtp: I'll step out for lunch	16:09
wrtp	niemeyer: enjoy. sorry for my obtuseness.	16:10
TheMue	so, CL simplified and re-proposed. time to step out for dinner.	16:42
wrtp	niemeyer: this how i understand the current state of affairs (slightly simplified): http://paste.ubuntu.com/1287249/	16:46
wrtp	niemeyer: s/current state of affairs/currently proposed scheme/	16:46
wrtp	niemeyer: the simplification is that i'm not sure it's particularly useful to generate a certificate on the client side; all we need to verify is the public key of the server, so it can generate its own certificate.	16:50
wrtp	s/certificate/temporary certificate/	16:51
wrtp	niemeyer: for the record that page above (http://en.wikipedia.org/wiki/Public_key_certificate) contains nothing that implies that a certificate has a private part, or can be used to sign things. i believe my confusion was understandable.	16:56
niemeyer	wrtp: It contains the fact that a certificate has the public key signed by the CA, but I really don't want to discuss this anymore	17:21
niemeyer	wrtp: If you think it doesn't have a private counterpart, I won't force you into understanding it	17:22
wrtp	niemeyer: me neither. i'm hoping that my paste above will move things forward.	17:22
wrtp	niemeyer: (of course it has a private counterpart, the signer, but that's not part of the certificate)	17:23
niemeyer	wrtp: "contains nothing that implies that a certificate has a private part"	17:23
wrtp	niemeyer: it's not a part of the certificate. anyway, moving on.	17:23
niemeyer	wrtp: Changing the point until it becomes reasonable makes for a very painful conversation	17:24
wrtp	niemeyer: a certificate contains no private data!	17:24
niemeyer	<niemeyer> wrtp: "contains nothing that implies that a certificate has a private part"	17:24
niemeyer	wrtp: That's what you said	17:24
niemeyer	wrtp: That's what I responded to	17:24
wrtp	niemeyer: counterpart != part	17:24
niemeyer	wrtp: For my own sanity I'll stop talking for the moment	17:25
wrtp	niemeyer: ok	17:25
wrtp	niemeyer: i'm sorry this is difficult. i don't mean to be awkward, but when we're talking about this stuff, it helps to have some agreed terminology.	17:26
wrtp	niemeyer: we should have moved to G+ hours ago	17:26
wrtp	niemeyer: i'd very much like some reaction to my proposal above, as i plan to start implementing it tomorrow morning, if it looks ok.	17:29
niemeyer	wrtp: Will check	17:29
niemeyer	wrtp:	17:33
niemeyer	on initial server:	17:33
niemeyer	get tempKey from cloud-init data	17:33
niemeyer	tempCert = generate a self-signed certificate using tempKey	17:33
wrtp	niemeyer: is that bad?	17:34
niemeyer	wrtp: Just send the key/cert signed by the temporary local CA for the server to use	17:35
wrtp	niemeyer: what's the point of generating two keys when one will do?	17:35
wrtp	niemeyer: (i'm perfectly willing to accept that there may be a good reason, but i couldn't think of one)	17:37
niemeyer	wrtp: What are you going to put on the root CA field?	17:38
wrtp	niemeyer: the certificate itself.	17:38
wrtp	niemeyer: sorry, the temporary key itself	17:38
wrtp	niemeyer: it's self-signed	17:39
niemeyer	wrtp: Bingo.. it's a certificate, not a private key	17:39
wrtp	niemeyer: the server can generate its own certificate	17:39
wrtp	niemeyer: i don't think the server needs to share a CA with the client, but i may be wrong.	17:39
niemeyer	wrtp: Why are you generating the same certificate twice?	17:40
wrtp	niemeyer: we only generate it once	17:40
wrtp	niemeyer: on the server.	17:40
wrtp	niemeyer: the client just generates the private/public key pair	17:40
niemeyer	wrtp: and what do you put on the local root CA field?	17:40
wrtp	niemeyer: we don't need one	17:41
niemeyer	wrtp: Argh	17:41
niemeyer	wrtp: It's been three hours, and we're still stumbling upon basics of PKI	17:41
wrtp	niemeyer: we can do TLS authentication with no CAs	17:41
niemeyer	wrtp: Gosh	17:41
wrtp	niemeyer: i have Go code that does that, in fact.	17:42
niemeyer	wrtp: Okay, please teach me about how that works	17:42
wrtp	niemeyer: we use the usual diffie-hellman key exchange, which verifies the public key at the other end	17:43
wrtp	niemeyer: then we check that public key matches the one we expect	17:43
niemeyer	wrtp:	17:44
niemeyer	// RootCAs defines the set of root certificate authorities	17:44
niemeyer	// that clients use when verifying server certificates.	17:44
niemeyer	// If RootCAs is nil, TLS uses the host's root CA set.	17:44
niemeyer	RootCAs *x509.CertPool	17:44
niemeyer	wrtp: That's in the tls.Config type	17:44
wrtp	niemeyer: yes	17:44
wrtp	niemeyer: it's optional.	17:44
niemeyer	wrtp: What do you suggest we do with this?	17:44
wrtp	niemeyer: it'll work with an empty cert pool	17:44
niemeyer	wrtp: Yes, and what happens if you don't use it?	17:44
niemeyer	wrtp: What happens in that case?	17:44
niemeyer	wrtp: (hint: it's in the comment)	17:45
wrtp	niemeyer: you don't verify that the certificate is signed	17:45
wrtp	niemeyer: however...	17:45
niemeyer	wrtp: Wrong	17:45
wrtp	niemeyer: you can easily check the exact certificate	17:45
niemeyer	wrtp: It uses the host CA pool	17:45
niemeyer	wrtp: Which contains root CAs, which the key is not signed against	17:45
wrtp	niemeyer: you can use the ConnectonState method to find out the public key at the other end	17:46
niemeyer	wrtp: There are many things we could do, but that's not what we'll do. What we'll do is use plain and well known SSL, as intended.	17:46
wrtp	niemeyer: ok. it seems a bit unnecessary (checking the public key directly is just as strong), but fair enough.	17:47
niemeyer	wrtp: Sorry, I'll stop discussing that now. Let's talk next week.	17:47
wrtp	niemeyer: ok	17:47
wrtp	niemeyer: assuming we generate a certificate too, does the rest look ok?	17:47
niemeyer	wrtp: I really mean it, sorry about that. We've been discussing this for about 3h without progress. Next week we talk live with a whiteboard and sort it out.	17:49
wrtp	niemeyer: ok	17:49
wrtp	:-(	17:50
niemeyer	wrtp: I suggest picking stuff you'd enjoy working on tomorrow as a brain break	17:50
wrtp	niemeyer: i was thinking this might be quite fun :-)	17:52
wrtp	niemeyer: for the record: http://paste.ubuntu.com/1287384/	18:05
wrtp	i'm done for the evening	18:05
wrtp	night all	18:05
niemeyer	wrtp: Have a good evening	18:05
wrtp	niemeyer: and you. v sorry about the wasted time this afternoon.	18:05
niemeyer	wrtp: All good, next week will be a lot easier	18:05
wrtp	niemeyer: indeed	18:05
=== davechen1y is now known as davecheney

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!