Slashdot Mirror


Let's Encrypt Hits New Milestone: Over 100,000,000 Certificates Issued (letsencrypt.org)

Josh Aas, the executive director of Internet Security Research Group (ISRG) writing for Let's Encrypt: Let's Encrypt, a free, automated, and open certificate authority has reached a milestone: we've now issued more than 100,000,000 certificates. This number reflects at least a few things: First, it illustrates the strong demand for our services. We'd like to thank all of the sysadmins, web developers, and everyone else managing servers for prioritizing protecting your visitors with HTTPS. Second, it illustrates our ability to scale. I'm incredibly proud of the work our engineering teams have done to make this volume of issuance possible. I'm also very grateful to our operational partners, including IdenTrust, Akamai, and Sumo Logic. Third, it illustrates the power of automated certificate management. If getting and managing certificates from Let's Encrypt always required manual steps there is simply no way we'd be able to serve as many sites as we do. The total number of certificates we've issued is an interesting number, but it doesn't reflect much about tangible progress towards our primary goal: a 100% HTTPS Web.

164 comments

  1. Value? by Frosty+Piss · · Score: 2, Insightful

    I'm not sure that one of these certs is any better than a self-signed cert...

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:Value? by Qzukk · · Score: 4, Insightful

      It's trusted by the browser by default, so it has that going for it.

      Also, unlike self-signed certs it demonstrates that the person requesting the cert has control over the hostname(s), which is pretty much all I ever had to do when I paid for a non-EV certificate.

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
    2. Re:Value? by Anonymous Coward · · Score: 0

      It provides encryption, but not necessarily positive ID like you might expect from verisign

    3. Re:Value? by GameboyRMH · · Score: 0

      They're a little better in that the fact that they come from a cert authority gives you some assurance that you're not being MITM'd. But it has always been stupid that browsers treat an HTTPS connection with a self-signed cert differently to an HTTP connection.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    4. Re:Value? by Anonymous Coward · · Score: 0

      The web-browser doesn't display a scary warning to all of your visitors?

      Just about everyone gets encryption for nothing, with vague mitm threat---but if you're that worried, you should pay for a certificate (and nobody would examine it in detail anyway).

    5. Re:Value? by Anonymous Coward · · Score: 2, Insightful

      It's considerably better than a self-signed cert. Browsers don't accept self-signed certs by default, throwing up big nasty warnings. Let's Encrypt is a fully-accepted CA.

      It also costs as much as a self-signed cert. That is, nothing. Higher utility at the same price is higher value.

    6. Re:Value? by rahvin112 · · Score: 1

      Actually these certificates are far better than a cert you'd buy commercially. The only way to get one is to control a server within the domain name. This is more verification than you get on anything but an EV cert.

    7. Re:Value? by __aaclcg7560 · · Score: 1

      Google started giving higher rankings to websites with HTTPS/SSL than websites without a certificate. Since Let's Encrypt is a free option at my hosting provider, I got certificates for all my domains and subdomains.

      http://searchengineland.com/google-starts-giving-ranking-boost-secure-httpsssl-sites-199446/

    8. Re:Value? by Anonymous Coward · · Score: 1

      They get treated differently because they're different. Self-signed certs are generating encrypted traffic, http isn't. I know you already know that, but your flippant reply seemed to brush it off as if that's not a difference.

      Also, self-signed certs are sometimes more secure than the public CA's. If you're using them for internal purposes, and you know the origin of them, you can guarantee they're safe. If you use a public CA, you never know what gov't or three-letter agency they've allowed to spoof a fake cert for MiTM attacks.

    9. Re:Value? by WaffleMonster · · Score: 1

      Also, unlike self-signed certs it demonstrates that the person requesting the cert has control over the hostname(s), which is pretty much all I ever had to do when I paid for a non-EV certificate.

      How does it demonstrate that? Can you explain specifically what makes this better than self-signed certs? What is the basis of trust used to establish ownership? What prevents an attacker with access to a victim's wires from using LE to obtain fraudulent certificates?

    10. Re:Value? by __aaclcg7560 · · Score: 1

      Let's Encrypt is a shadow entity of the CIA so you have given them free run over all your domains.

      Why do you think I work in government IT? :P

    11. Re:Value? by Anonymous Coward · · Score: 0

      When was the last time you tried to convince everyone and everything to accept that self-signed cert? Different keystores here and there, all with different procedures to accept that certificate; what a pain in the ass.

      Let's Encrypt is not about identity, it's about encryption. And Let's Encrypt signed certs are almost universally accepted. Let's Encrypt is essentially a self-signed cert that "just works".

    12. Re:Value? by dknj · · Score: 1

      Kind of like how SSH always treats your initial connection like a telnet connection? And warns you that unless you have authenticated the remote identity you should treat it as though unauthorized individuals are monitoring your traffic.

      I am going to assume you meant it's always been stupid how browsers handled unauthenticated HTTPS certs. At the very least it's necessary to warn about unauthenticated connections for all browser users, uneducated and experts alike. However, power users should be allowed to enable a switch to avoid glaring popup messages about SSL certificates. Ultimately this is solved via extensions since this is not a use-case for the typical browser user, so your complaint is really one of personal inconvenience.

      The real purpose of Let's Encrypt is that it gives another layer of security to the typical browser user. More websites can exist with security with the minimum authorization necessary (control of the domain), but there still exists obvious methods of abuse. These abuses are countered by Certificate Revocation Lists (CRLs) which can turn an abusive site into a site that throws warning messages in most typical browser use cases.

      -dk

    13. Re:Value? by Opportunist · · Score: 2

      It demonstrates that the one holding the cert also holds the domain name. Nothing else. And nothing else is implied by the whole deal.

      Contrary to popular belief, a certificate isn't a government ID. All it means is that whoever claims to be www.whatever.tld is actually www.whatever.tld, and that no man in the middle attack is happening.

      And once people learn this, we could maybe start establishing some sort of security. The fact that https:/// isn't crossed out by your browser doesn't mean that www.bank0famrika.com is a good place to enter your online banking credentials.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    14. Re:Value? by Anonymous Coward · · Score: 5, Informative

      I'm not that poster but I do have to look after a lot of servers with sites that have letsencrypt certs.

      Basically it requires the same level of domain validation as any standard, non-EV cert (including revocations) and provides the same level of protection for on-the-wire data interception, with the disadvantage that certs are only issued for 90 days instead of 1+ years.

      Look here for an overview of the process; it's pretty simple and the same as any other non-EV cert:
      https://letsencrypt.org/how-it-works/

    15. Re:Value? by AikonMGB · · Score: 1

      How does it demonstrate that? Can you explain specifically what makes this better than self-signed certs? What is the basis of trust used to establish ownership? What prevents an attacker with access to a victim's wires from using LE to obtain fraudulent certificates?

      Public key cryptography. The client has to satisfy both the domain control challenge, and sign a nonce provided by the CA. The domain control challenge establishes control over the domain. The signed nonce provides client identity verification.

      https://letsencrypt.org/how-it-works/

    16. Re:Value? by WaffleMonster · · Score: 1

      They're a little better in that the fact that they come from a cert authority gives you some assurance that you're not being MITM'd. But it has always been stupid that browsers treat an HTTPS connection with a self-signed cert differently to an HTTP connection.

      All Let's Encrypt does is move the point of MITM vulnerability from establishing a connection to obtaining the cert. A functionally equivalent MITM opportunity to untrusted self-signed certs persists regardless.

      The fact that end users see a padlock icon in their browser and *assume* their connections are secure when in fact there is no rational basis for such a belief is a far worse reality than doing nothing.

      My own view is that ALL DV CAs including LE should be shuttered immediately. All responsibly transferred to domain registrars who already have relationships established with domain owners. The current system is nonsensical, redundant, dangerous and completely unnecessary.

    17. Re:Value? by chispito · · Score: 1

      I'm not sure that one of these certs is any better than a self-signed cert...

      The value is that you don't have to pay some shifty dude $10 for the same level of verification, and it is auto renewing.

      --
      The Daddy casts sleep on the Baby. The Baby resists!
    18. Re:Value? by WaffleMonster · · Score: 1

      How does it demonstrate that? Can you explain specifically what makes this better than self-signed certs? What is the basis of trust used to establish ownership? What prevents an attacker with access to a victim's wires from using LE to obtain fraudulent certificates?

      Public key cryptography. The client has to satisfy both the domain control challenge, and sign a nonce provided by the CA. The domain control challenge establishes control over the domain. The signed nonce provides client identity verification.

      This isn't about the basics of PKI it's the basics of establishing TRUST that's the heart of my question regarding LE.

      The basis of any secure system is TRUST not alphabet soups of cryptographic jargon. It's asking the basic question "WHY SHOULD I TRUST YOU?" and receiving a reasonable, verifiable response.

      How does LE vet ownership to even assign certificates in the first place? What makes this process secure and trustworthy? If there is no good answer to that question all the cryptography in the world means nothing.

    19. Re:Value? by TheRaven64 · · Score: 1

      It demonstrates that the one holding the cert also holds the domain name. Nothing else. And nothing else is implied by the whole deal.

      Not quite: the key exchange happens over HTTP and doesn't always use DNSSEC, so all that it actually proves is that the person issuing the certs was able to receive and reply to TCP packets going to the IP address that the Let's Encrypt server's DNS reported was associated with the domain name. That's a somewhat weaker guarantee (though no weaker than most non-EV certs).

      Let's Encrypt also logs all certs with certificate transparency and so you can check (by grabbing the CT logs or using a web search) which certs have been issued for your domain and see if any of them don't match the public key that you think that you're using (and you can automate this from another machine). Chrome also reports certificates that it's seen to the CT logs, so you can spot when someone sees a cert that you don't think is yours. For example, I can look at my old university's computer society's CT log and see that they switched from StartCom to Let's Encrypt when everyone stopped trusting StartCom last year and see that their last three certificates all have different public keys, which implies that either someone is rapidly rolling over certs for no reason and is a numpty, or that someone else is playing silly buggers.

      --
      I am TheRaven on Soylent News
    20. Re:Value? by TheRaven64 · · Score: 1

      The ACME protocol doesn't ever give Let's Encrypt your private key, so they can't compromise your key. They can issue other certs for your domain (but so can any CA), but if they do then they'll appear in the certificate transparency logs for your domain (if anyone visits them with a client that records things in CT logs, at least), so you'd see.

      --
      I am TheRaven on Soylent News
    21. Re:Value? by Anonymous Coward · · Score: 0

      Try setting up www.gmail.com and getting it signed by LE.

    22. Re:Value? by AikonMGB · · Score: 4, Insightful

      This isn't about the basics of PKI it's the basics of establishing TRUST that's the heart of my question regarding LE.

      The basis of any secure system is TRUST not alphabet soups of cryptographic jargon. It's asking the basic question "WHY SHOULD I TRUST YOU?" and receiving a reasonable, verifiable response.

      Trust whom, the site owner? LE? Their CA? If you don't trust root CA, then you are SOL. Better unplug your computer. Otherwise, there's your trust chain: root CA vets LE to a level sufficient to grant them an issuing certificate, LE vets the site owner to a level sufficient to grant them a hostname certificate.

      How does LE vet ownership to even assign certificates in the first place?

      Ownership of what, the hostname? The client requesting the certificate has to satisfy a challenge, for example placing a file with specific contents at a specific location controlled by the hostname, or populating a specific DNS record with a specific value for that hostname's zone. If the client is able to satisfy those challenges, then it already has complete control over the hostname and the content it serves.

      What makes this process secure and trustworthy? If there is no good answer to that question all the cryptography in the world means nothing.

      If you aren't willing to engage in a discussion about public keys and cryptographic signatures, there's no way to answer this question for you. The cryptography is how the process is secured, and the public key nature (combined with satisfying the challenge above) is how the CA establishes trust.

    23. Re:Value? by GameboyRMH · · Score: 2

      I agree with you, but I think browsers should treat HTTPS connections with self-signed certs the same as HTTP connections, as in not halting the connection with a giant warning page and forcing the user to jump through hoops before getting to the site. Let them through with the same little warning symbol now displayed for an HTTP connection. An HTTPS connection with a self-signed cert is in no way more dangerous than an HTTP connection.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    24. Re:Value? by Anonymous Coward · · Score: 0

      I'm using a fairly recent version of Chrome and I don't see any root cert for Let's Encrypt.

      Are we supposed to download and install one? I don't see a typical user being able to do that.

    25. Re:Value? by Junta · · Score: 1

      Ownership of what, the hostname? The client requesting the certificate has to satisfy a challenge, for example placing a file with specific contents at a specific location controlled by the hostname, or populating a specific DNS record with a specific value for that hostname's zone.

      The concern being if you are launching a man-in-the-middle attack and you are near the server side of the connection, then you could pass such a challenge as well. Sure, in the overwhelmingly more likely case that you are close to the client side, you can't do this sort of thing, but it is possible particularly for small domains for an attacker to be close to the server side.

      Now this may be no weaker than the status quo, I can't speak to that.

      It's probably not good for https to pop up the word 'Secure' for non-EV certs, as it implies a lot more than it really means.

      --
      XML is like violence. If it doesn't solve the problem, use more.
    26. Re:Value? by GameboyRMH · · Score: 1

      I am going to assume you meant it's always been stupid how browsers handled unauthenticated HTTPS certs. At the very least it's necessary to warn about unauthenticated connections for all browser users, uneducated and experts alike. However, power users should be allowed to enable a switch to avoid glaring popup messages about SSL certificates. Ultimately this is solved via extensions since this is not a use-case for the typical browser user, so your complaint is really one of personal inconvenience.

      Everyone's personal convenience, not just mine. There's no reason the typical browser user should see any warning for self-signed HTTPS that would not also be displayed for an HTTP connection, it's in no way more dangerous. Browser developers are effectively giving handouts to the CA industry and hindering adoption of HTTPS by halting with an error when encountering self-signed HTTPS certificates.

      --
      "When information is power, privacy is freedom" - Jah-Wren Ryel
    27. Re:Value? by WaffleMonster · · Score: 1

      Trust whom, the site owner? LE? Their CA? If you don't trust root CA, then you are SOL. Better unplug your computer.

      My remarks are limited to establishing domain ownership.

      Ownership of what, the hostname? The client requesting the certificate has to satisfy a challenge, for example placing a file with specific contents at a specific location controlled by the hostname, or populating a specific DNS record with a specific value for that hostname's zone. If the client is able to satisfy those challenges, then it already has complete control over the hostname and the content it serves.

      DNS is insecure.
      HTTP is insecure.
      The routing infrastructure of the Internet itself (BGP et al) is insecure.

      Both DNS and HTTP are subject to trivial MITM attack by anyone with access to a victim's wires.

      If the answer is it depends on responses from any of these protocols then one might as well implement RFC3514 and roll out a mission accomplished banner.

    28. Re:Value? by AikonMGB · · Score: 1

      The concern being if you are launching a man-in-the-middle attack and you are near the server side of the connection, then you could pass such a challenge as well. Sure, in the overwhelmingly more likely case that you are close to the client side, you can't do this sort of thing, but it is possible particularly for small domains for an attacker to be close to the server side.

      Not quite -- the client generated a private-public key pair when it first contacted LE, communications between the client and LE are encrypted, and the client answering the challenge is required to sign a nonce provided by LE using their private key. The MITM near the server side of the connection does not have the private key, and so cannot read what the challenge value should be, and cannot sign the nonce.

    29. Re:Value? by Junta · · Score: 5, Insightful

      The point being you connect to http, and no worries, it's all cool. It's warm and fuzzy and not at all something to fret about.

      You connect to https with self-signed cert, *IT'S THE END OF THE WORLD*, you are horribly insecure, it's dangerous, you shouldn't even *try* to talk to the server, if you really want to you should click through 2 or 3 dialogs, and also you should be forced to do that every time you reconnect to the same server, without even a hint of whether the certificate changed from last time.

      It's just such a strange disconnect. I have seen web server operators opt to prefer http rather than https so as not to scare off users, even if they may be handling potentially sensitive information.

      Self-signed certs should be treated more like ssh keys in general.

      --
      XML is like violence. If it doesn't solve the problem, use more.
    30. Re: Value? by Anonymous Coward · · Score: 0

      Letsencrypt certs are signed with IdenTrust DST root.

    31. Re:Value? by WaffleMonster · · Score: 1

      Not quite -- the client generated a private-public key pair when it first contacted LE, communications between the client and LE are encrypted, and the client answering the challenge is required to sign a nonce provided by LE using their private key. The MITM near the server side of the connection does not have the private key, and so cannot read what the challenge value should be, and cannot sign the nonce.

      Are you referring to a legitimate domain owner's client or an attacker's client?

    32. Re: Value? by Anonymous Coward · · Score: 0

      If you ever use their manual web based tool https://gethttpsforfree.com you'll see how it validates you own, or at least have the ability to place files on the web host. When you fill out the form it will ask you to place a file with specific contents on the web server. It then does a get request on your host to retrieve the file and confirm the contents match

    33. Re:Value? by Oloryn · · Score: 1

      Let's Encrypt's root certificate is signed by IdenTrust's DST Root X3 certificate, which should already be installed.

    34. Re:Value? by Anonymous Coward · · Score: 1

      DNS is insecure.
      HTTP is insecure.
      The routing infrastructure of the Internet itself (BGP et al) is insecure.

      Both DNS and HTTP are subject to trivial MITM attack by anyone with access to a victim's wires.

      If the answer is it depends on responses from any of these protocols then one might as well implement RFC3514 and roll out a mission accomplished banner.

      Sounds like your problem isn't with Let's Encrypt, it's with the entire concept of issuing encryption certificates, regardless of issuer.

    35. Re:Value? by cryptizard · · Score: 1

      Ok but what is your point? That is how every other CA also does domain verification. Are you saying all CAs are broken? If so, why are you still using the internet?

    36. Re:Value? by heypete · · Score: 1

      For example, I can look at my old university's computer society's CT log and see that they switched from StartCom to Let's Encrypt when everyone stopped trusting StartCom last year and see that their last three certificates all have different public keys, which implies that either someone is rapidly rolling over certs for no reason and is a numpty, or that someone else is playing silly buggers.

      That seems pretty reasonable: all of the listed certs from 2016-09-23 to the present (except on 2017-05-21, I have no idea what's going on there) have been replaced at 2-month intervals, which is in line with the recommendations and when the reference implementation of their ACME client (certbot) renews certs (the certs are valid for 90 days and are renewed after 60 days). Each renewal involves the generation of a new public/private keypair. All in all, seems pretty reasonable.
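      The CT check TheRaven64 (19) and heypete (36) describe, worked through as an added example (not code from the thread or from any CT tool): it audits records for one name against the keys you actually deployed, the issuers you use, and the roughly 60-day cadence heypete mentions. The records, issuer strings and SPKI values are constructed placeholders, and every function name is the example's own.

```python
"""Audit certificate-transparency records for one domain: flag certificates whose
public key is not one you deployed, issuers you do not use, and issuances spaced
closer than your renewal cadence. Added example; the CT export below is
constructed, not real log output, and the SPKI strings are placeholders rather
than real key hashes."""
import json
from datetime import date

# Constructed CT export, one JSON object per line, modelling what a CT search
# tool would return after filtering on your domain. The 60-day spacing mirrors
# a 90-day certificate renewed at 60 days; the last line is the odd one out.
CT_RECORDS = """\
{"domain": "example.com", "issuer": "StartCom Class 1 DV Server CA", "not_before": "2016-07-01", "spki_sha256": "spki-s0"}
{"domain": "example.com", "issuer": "Let's Encrypt Authority X3", "not_before": "2016-09-23", "spki_sha256": "spki-k1"}
{"domain": "example.com", "issuer": "Let's Encrypt Authority X3", "not_before": "2016-11-22", "spki_sha256": "spki-k2"}
{"domain": "example.com", "issuer": "Let's Encrypt Authority X3", "not_before": "2017-01-21", "spki_sha256": "spki-k3"}
{"domain": "example.com", "issuer": "Let's Encrypt Authority X3", "not_before": "2017-03-22", "spki_sha256": "spki-k4"}
{"domain": "example.com", "issuer": "Let's Encrypt Authority X3", "not_before": "2017-05-21", "spki_sha256": "spki-k5"}
{"domain": "example.com", "issuer": "Example Rogue CA", "not_before": "2017-05-21", "spki_sha256": "spki-unknown"}
"""

# Keys your own renewal automation generated. In practice these are SPKI hashes
# taken from your ACME client's key archive; here they are constructed to match
# the legitimate records above. Each renewal makes a new key, so the set grows.
DEPLOYED_SPKI = {"spki-s0", "spki-k1", "spki-k2", "spki-k3", "spki-k4", "spki-k5"}
ALLOWED_ISSUERS = {"StartCom Class 1 DV Server CA", "Let's Encrypt Authority X3"}


def parse_records(text):
    """Parse the JSON-lines export and sort by issuance date. The sort is stable,
    so same-day entries keep the order they appeared in the export."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        rec["not_before"] = date.fromisoformat(rec["not_before"])
        records.append(rec)
    records.sort(key=lambda r: r["not_before"])
    return records


def audit(text, deployed_spki, allowed_issuers, min_gap_days=30):
    """Return a list of (kind, date, detail) findings.

    unknown-key:       the logged cert carries a public key you never generated
    unexpected-issuer: a CA you do not use issued for your name
    rapid-reissue:     two issuances closer together than your renewal cadence
    """
    findings = []
    previous = None
    for rec in parse_records(text):
        when = rec["not_before"].isoformat()
        if rec["spki_sha256"] not in deployed_spki:
            findings.append(("unknown-key", when, rec["spki_sha256"]))
        if rec["issuer"] not in allowed_issuers:
            findings.append(("unexpected-issuer", when, rec["issuer"]))
        if previous is not None:
            gap = (rec["not_before"] - previous["not_before"]).days
            if gap < min_gap_days:
                findings.append(("rapid-reissue", when, f"{gap} days after previous"))
        previous = rec
    return findings


if __name__ == "__main__":
    for kind, when, detail in audit(CT_RECORDS, DEPLOYED_SPKI, ALLOWED_ISSUERS):
        print(f"{when} {kind}: {detail}")
```

      A key that is genuinely yours but missing from `DEPLOYED_SPKI` shows up as unknown-key too, so the deployed set has to be fed from the same automation that performs renewals.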

    37. Re:Value? by AikonMGB · · Score: 1

      Are you referring to a legitimate domain owners client or an attackers client?

      I was referring to MITM attacks on the certification process itself.

      For an attacker to initiate the process and successfully complete the validation, they would either need control of the server (or be able to impersonate it), or control of the authoritative DNS records. In either case, the certification is logged publicly by LE. In the former case, you point your DNS somewhere else and generate new certificates. In the latter case, the "attacker" actually does control the hostname*, so the certification is valid.

      * The assumption here is that it would be difficult to MITM LE themselves when doing authoritative DNS lookups. Presumably LE uses distributed servers to make this very difficult, but I haven't looked into it.

    38. Re:Value? by WaffleMonster · · Score: 1

      Sounds like your problem isn't with Lets Encrypt, it's with the entire concept of issuing encryption certificates, regardless of issuer.

      My problem is with Let's Encrypt and every other CA automatically issuing certs using methods they know damn well to be completely insecure, subject to the very same forms of attack the certificates being issued are intended to prevent. It's a breathtakingly idiotic and dangerous practice.

      I don't have a problem with the underlying technology. PKI is awesome when deployed properly. When deployed with the level of fail LE and other DV CAs are currently bringing to the table you damn well better believe I have a problem with it.

      The sad part in all of this is that it's also pointless and trivially remedied. The domain registrars are the ones who should be handing out domain certs as they already have relationships with domain owners. At the very least registrars could be providing authorization tokens to be consumed by third party CAs. There is no excuse for current behavior and practices.

    39. Re:Value? by gmack · · Score: 1

      DANE would have made that easy since it would have validated the certificate against the DNS record, but people are too lazy to implement DNSSEC which is needed before we even think about DANE.

    40. Re:Value? by gmack · · Score: 1

      We could have had that, but DANE is worthless without DNSSEC and everyone is too lazy to implement DNSSEC.

    41. Re:Value? by WaffleMonster · · Score: 1

      For an attacker to initiate the process and successfully complete the validation, they would either need control of the server (or be able to impersonate it), or control of the authoritative DNS records.

      The assumption here is that it would be difficult to MITM LE themselves when doing authoritative DNS lookups.

      You don't have to MITM LE's infrastructure. All that is needed is to MITM your victim's wire which may well include DNS traffic toward their (authoritative) DNS server.

    42. Re:Value? by Anonymous Coward · · Score: 0

      > The domain registrars are the ones who should be handing out domain certs

      The sucking sound you hear is the noise my company credit card makes when dealing with my registrar.

    43. Re:Value? by WaffleMonster · · Score: 1

      We could have had that, but DANE is worthless without DNSSEC and everyone is too lazy to implement DNSSEC.

      DNSSEC should not be deployed until DNS amplification countermeasures are fully deployed. This can be RFC7873, TCP, (D)TLS... I don't care which... To go ahead with deployment of DNSSEC knowing DNS infrastructure will be leveraged to launch massive DDOS attacks is massively irresponsible.

    44. Re:Value? by Anonymous Coward · · Score: 0

      Why do you think I work in government IT?

      Because you're too stupid and lazy to get a better-paying job elsewhere?

      Sorry, was that a trick question?

    45. Re:Value? by Anonymous Coward · · Score: 0

      Typical certs are issued for at least one year. These certs are issued for months. So there is some artificial inflation of the number in that way. Being free, some of these certs have never actually been used. Because of the relatively anonymous checks being performed for this free service, there are probably many use cases that involve securing malware or the like.

    46. Re:Value? by AikonMGB · · Score: 1

      You don't have to MITM LE's infrastructure. All that is needed is to MITM your victim's wire which may well include DNS traffic toward their (authoritative) DNS server.

      This is one of the reasons I use a separate DNS provider.

    47. Re:Value? by Anonymous Coward · · Score: 0

      >This is accomplished by running a certificate management agent on the web server.

      Haha. Fuck off :D

    48. Re:Value? by AikonMGB · · Score: 1

      Also keep in mind what an LE certificate actually says: https://en.wikipedia.org/wiki/...

      If the attacker controls the domain, then the certificate is valid.

    49. Re:Value? by AF_Cheddar_Head · · Score: 1

      Wait until your IA folks decide to flip the little switch making it so you cannot accept the unrecognized or self-signed certificate and continue on to the site or device. Some devices use self-signed certificates and make it impossible to replace the certificate with one from an internal or external CA. I'm looking at you Equallogic.

    50. Re:Value? by AF_Cheddar_Head · · Score: 1

      You aren't following the rule if you are using Let's Encrypt certificates on government systems. Yep, I work DoD IT.

    51. Re: Value? by Anonymous Coward · · Score: 0

      There is already a solution doing exactly what you want: DNSSEC with TLSA records. (DANE)
      The TLSA record also allows you to use self-signed certificates. Problem is, that with the exception of secure mail transfer nobody is using it much... but there are plugins to add support for it to browsers. (I'm using https://addons.mozilla.org/en-US/firefox/addon/dnssec-validator/)
      I think self-signed certs at the moment still force you to click through all the usual warnings when used for https, but that would be a trivial change for the browser developers if/once DANE gets accepted for that...

      DNSSEC/TLSA also has its own pitfalls and complexity, but I'm cheering it on and hope it will replace the current CA model in some years.

    52. Re:Value? by dissy · · Score: 4, Informative

      Also, unlike self-signed certs it demonstrates that the person requesting the cert has control over the hostname(s), which is pretty much all I ever had to do when I paid for a non-EV certificate.

      How does it demonstrate that?

      Because one must create a file under a name specified by LE, with contents specified by LE.
      Only one with control over the webhost has access to create files on the webhost.

      Can you explain specifically what makes this better than self-signed certs?

      Anyone can create and sign a self-signed certificate with any domain(s) in it they wish.
      You can not easily verify the website owner is the creator of the private key, and in fact the only way to do so is to compare the certificate signature/hash you see with the website owner, which requires another form of secure out-of-band communications.

      With LetsEncrypt, you personally for example can not issue a certificate for my domain.
      I personally can not issue a certificate for your domain.

      Additionally with self signed certificates, you would need to have end-users install your self signed public key in their browsers manually, and to actually be secure it would have to actually be the one you generated.
      As an attacker I can provide my own public key to your users to trust, with your domain in it, and there is little chance they wouldn't know it was my key instead of yours.

      Certificate Authorities have their public keys in the browser already.

      What is the basis of trust used to establish ownership?

      Access to a web server's files or DNS zone for the domain in question is required.
      This is the exact same identical process any other CA in the world uses for class-1 certificates.
      In other words, if you know how any CA handles class-1 certs, you know how LE handles them. It is identical.

      What prevents an attacker with access to a victim's wires from using LE to obtain fraudulent certificates?

      What prevents a person with control over the domain from requesting a certificate for that domain?
      The exact same thing that prevents an attacker from getting a certificate from any CA issued for that domain - nothing.

      If I was an attacker in a position to have control over a victim's web host or DNS, I could get a certificate issued from Let's Encrypt, or GoDaddy, or ICANN, or any of the many hundreds of certificate authorities out there.

    53. Re:Value? by thegarbz · · Score: 1

      Other than not blocking people, or throwing a hissy every time you visit a site with any modern browser it's not different.

    54. Re:Value? by thegarbz · · Score: 1

      You can generate a certificate for any domain right now and install it anywhere. That's self signed. It's also why it's not trusted in a browser by default.

      This authority is trusted by default. How does it prove you're the owner of a domain? Easy: it checks. The process is simple: run a script on the server; the server generates an API request for a key to Let's Encrypt; that key gets dropped by the script on your server; another API request causes the Let's Encrypt server to check your server to see if the key is now present; if it is, it grants the certificate, and the key can then be deleted.

      The only way to pass that is to be in control of the server from the view of the Let's Encrypt server. That means you either need to DNS-hijack their server or have access to the server for which you're claiming you have authority.

      That's it. It is actually a far more detailed and robust validation process than most other non-EV certificates which are often satisfied with an email address and a whois entry.
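      The exchange dissy and thegarbz describe above is the ACME HTTP-01 challenge (RFC 8555). The following is an added, offline model of it, not code from Let's Encrypt or from either poster: the web server is a dict, the "network" is a fetch function, and the account key is a random byte string standing in for a real JWK (its thumbprint is simplified to SHA-256 of the key bytes). The domain name `example.test` and all keys and tokens are constructed. The model shows why validation requires both write access to the document root and possession of the ACME account key: the file the CA expects is `token.thumbprint`, so a file provisioned for one account does not validate for another.

```python
"""Offline model of the ACME HTTP-01 validation exchange (RFC 8555 section 8.3).

Added example. The 'web server' is a dict, the 'network fetch' is a function,
and the account key is a constructed random byte string standing in for a JWK.
"""
import base64
import hashlib
import hmac
import secrets

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"


def b64url(data: bytes) -> str:
    """Base64url without padding, as ACME uses for tokens and thumbprints."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def account_thumbprint(account_key: bytes) -> str:
    """Simplified stand-in for the RFC 7638 JWK thumbprint: SHA-256 of the key bytes."""
    return b64url(hashlib.sha256(account_key).digest())


def key_authorization(token: str, account_key: bytes) -> str:
    """RFC 8555 section 8.1: keyAuthorization = token || '.' || thumbprint(accountKey)."""
    return f"{token}.{account_thumbprint(account_key)}"


# --- CA side ---------------------------------------------------------------

def ca_new_challenge() -> str:
    """The CA picks a fresh, unpredictable token (256 bits here) per challenge."""
    return b64url(secrets.token_bytes(32))


def ca_validate(domain: str, token: str, thumbprint: str, fetch) -> bool:
    """The CA fetches the challenge URL over plain HTTP and compares the body
    with the key authorization it computed for the *requesting* account.
    `fetch(url)` returns the response body, or None on 404 / connection error."""
    url = f"http://{domain}{CHALLENGE_PREFIX}{token}"
    body = fetch(url)
    if body is None:
        return False
    expected = f"{token}.{thumbprint}"
    # Constant-time comparison: the body is input served by a remote host.
    return hmac.compare_digest(body.strip().encode(), expected.encode())


# --- client side (whoever administers the web server) ----------------------

def client_provision(webroot: dict, token: str, account_key: bytes) -> None:
    """Write the key authorization where the CA will look for it.
    Requires write access to the document root and the account key, nothing else."""
    webroot[CHALLENGE_PREFIX + token] = key_authorization(token, account_key)


def make_fetch(hosted: dict):
    """Construct a 'network': maps hostname -> that host's webroot dict."""
    def fetch(url: str):
        host, _, path = url[len("http://"):].partition("/")
        webroot = hosted.get(host)
        if webroot is None:
            return None
        return webroot.get("/" + path)  # None models a 404
    return fetch


def run_scenarios() -> dict:
    """Legitimate flow plus two failure modes; returns the validation outcomes."""
    domain = "example.test"          # constructed name
    webroot = {}                     # document root of example.test
    fetch = make_fetch({domain: webroot})
    owner_key = secrets.token_bytes(32)
    other_key = secrets.token_bytes(32)
    results = {}

    # 1. The domain holder provisions the file: validation succeeds.
    token = ca_new_challenge()
    client_provision(webroot, token, owner_key)
    results["owner"] = ca_validate(domain, token, account_thumbprint(owner_key), fetch)

    # 2. An account without write access to the webroot: the CA sees a 404.
    token2 = ca_new_challenge()
    results["no_webroot_access"] = ca_validate(domain, token2, account_thumbprint(other_key), fetch)

    # 3. The file exists but is bound to the owner's account key; a different
    #    account requesting the same challenge does not validate.
    webroot[CHALLENGE_PREFIX + token2] = key_authorization(token2, owner_key)
    results["wrong_account"] = ca_validate(domain, token2, account_thumbprint(other_key), fetch)
    return results


if __name__ == "__main__":
    print(run_scenarios())  # {'owner': True, 'no_webroot_access': False, 'wrong_account': False}
```

      The model is the reason the posters say "nothing else" is checked: the CA learns only that whoever holds the account key could place a specific file at a specific path on the host that the name resolves to. It says nothing about who that party is.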

    55. Re:Value? by thegarbz · · Score: 1

      Let's Encrypt is an issuing authority only. Issuing authorities don't have their certificates listed in the browser. The chain of these leads back up to a root authority. The certificate you're looking for in Chrome is IdenTrust's DST Root CA X3, as per the above poster.

    56. Re:Value? by nate_in_ME · · Score: 1

      The only thing the management agent does is handle the "auto-renew" for you. I manually create LE certificates for a domain we use for work (and would do more for our remote access panel, but LE has made the decision not to allow creation of certificates without a domain, so our server that is only available by IP gets left out). Other than the certificate data itself, we have nothing special installed on our server.

    57. Re:Value? by tattood · · Score: 2

      The way that you get a cert issued by LE is the same as with any other CA company. So if some bad guy can register any domain, and put up a website, they can purchase a cert that is trusted by your browser. How can you TRUST that this website is not bad, just because their certificate was issued by GoDaddy, or some other CA?

      The CA is not verifying that you are not doing anything bad, just that you control the web server. The same is true for LetsEncrypt certificates.

      --
      WTB [sig], PST!!!
    58. Re:Value? by Anonymous Coward · · Score: 0

      Haha. Fuck off :D

      You are not very bright. To put it mildly.

    59. Re:Value? by epine · · Score: 1

      The fact that end users see a padlock icon in their browser and *assume* their connections are secure when in fact there is no rational basis for such a belief is a far worse reality than doing nothing.

      That was more than you needed to write.

      The fact that end users see a padlock icon in their browser flushes orthogonality down the toilet.

      There should have been (and should now be) two separate icons: a cone of silence icon that indicates session encryption, and a second Alex Trebek icon that indicates that the server you are presently visiting is a validated celebrity, standing up.

      To Tell the Truth

      Presented with the correct conceptual icon map, the problem with the falsehoods users assume might magically become vaguely tractable.

      I kind of wish that the OS would notice the web browser displaying the padlock icon, and then put up an intrusive dialogue box "the padlock icon is known to cause widespread damage to the end-user's conceptual map" and only allow the user to proceed to use the web browser after registering a stupid-by-design exception.

      Some bad actors rip you off. Other bad actors merely promulgate bad conceptual models. I'm pissed at both.

    60. Re:Value? by __aaclcg7560 · · Score: 1

      Because you're too stupid and lazy to get a better-paying job elsewhere?

      Fully funded, five-year contracts are a bit hard to find in the private sector. :p

    61. Re:Value? by __aaclcg7560 · · Score: 1

      Yep, I work DoD IT.

      I work for a three-letter agency. Slashdot's favorite guesses include FBI, CIA, NSA and GPO.

    62. Re:Value? by Anonymous Coward · · Score: 0

      We could have had that, but DANE is worthless without DNSSEC and everyone is too lazy to implement DNSSEC.

      DNSSEC and as such DANE is broken since any reasonable implementation requires you to trust a simple non-secure flag sent by your DNS resolver (called the AD bit).

      This means you just need to trust any DNS resolver on any public network you connect to. And no current smartphone, Windows PC and so on includes its own recursive resolver to check the chain of trust offered by DNSSEC. They just blindly trust the AD bit without requiring any proof.

      Considering this, it's safe to say that DNSSEC will never be a solution to any security or chain of trust, since it is one of those protocols made up in a time with only stationary desktop computers on a trusted local network.

    63. Re:Value? by Anonymous Coward · · Score: 0

      https://www.mentalhealth.gov/

      Please talk to someone.

    64. Re: Value? by Anonymous Coward · · Score: 0

      Silicon valley, TLA, IT guessing you work on old Onitzuka. Supporting NRO satellite prep. Maybe still Attached to Space Command.

      Cheddarhead

    65. Re: Value? by __aaclcg7560 · · Score: 1

      Silicon valley, TLA, IT guessing you work on old Onitzuka.

      The Blue Cube got decommissioned in 2011 and demolished in 2014. My father and I did a construction job there in 1988, where we were locked inside the construction area for the duration of our shift and armed MPs with snarling guard dogs patrolled the perimeter of the chain link fence.

    66. Re: Value? by Anonymous Coward · · Score: 0

      So you were 17 when you worked construction at an Air Force Base, while at the same time you went through your health issues?

      Very confused; please clarify.

    67. Re: Value? by __aaclcg7560 · · Score: 1

      So you were 17 when you worked construction at an Air Force Base, while at the same time you went through your health issues?

      I was 16 when I got a new bike and lost 70 pounds that summer from riding my bike all over the county. The health issues I had before then disappeared. I started working in construction when I turned 18 and went to college when I was 20. I rode a bike until my mid-30's and then switched to the gym for working out. Too many soccer moms were trying to run me off the road.

      Very confused; please clarify.

      https://www.cdreimer.com/slashdot.html

    68. Re:Value? by Anonymous Coward · · Score: 0

      Yeah because there you'd have to pull your own weight. You'd be fired within two weeks for any number of reasons.

    69. Re:Value? by __aaclcg7560 · · Score: 1

      You'd be fired within two weeks for any number of reasons.

      The only time I was ever fired was when I worked my father and I punched the boss's grandson in the mouth. That was 27 years ago.

    70. Re:Value? by Anonymous Coward · · Score: 0

      The only thing you're trusting in encryption is identity. The certificate model itself is insecure and centralized, so it can only be secure to a certain extent. There's implicit trust in the CA, regardless.

      As for trusting the CA, well, what are your criteria for trust? Trust is a nebulous concept that means different things to different people.

      LE certs aren't given to individuals. They're given to websites. Anyone who can wrest control of a domain can request a cert. What other metric would you use for free certs? Requiring scanned photo ID? That's a security nightmare waiting to happen because now you have to safeguard certificates *AND* SPI.

    71. Re:Value? by Anonymous Coward · · Score: 0

      What happened? Did he reach for your sandwich?

    72. Re:Value? by Anonymous Coward · · Score: 0

      Let domain registrars handle it, so they can charge $99 a year for a secure certificate? That artificial barrier to entry and clear predation of consumers is precisely why Let's Encrypt was formed. A commercial CA doesn't give a fuck what happens to you as long as you paid for the cert.

    73. Re:Value? by __aaclcg7560 · · Score: 1

      What happened? Did he reach for your sandwich?

      He found out the hard way that I don't start fights but I do finish them. That always surprised people. Just because I'm fat doesn't mean I'm a pushover.

    74. Re:Value? by Anonymous Coward · · Score: 0

      Because certificate authorities are only relevant in HTTP(S). The Internet is far, far more than just the Web.

    75. Re:Value? by WaffleMonster · · Score: 1

      The CA is not verifying that you are not doing anything bad, just that you control the web server. The same is true for LetsEncrypt certificates.

      If this were true there would be no problem. Unfortunately the assumption that the CA is verifying administrative control over a web server is provably false.

      The entire point of having CAs issue public keys is prevention of MITM attacks from those with access to packets to and from a victim's network.

      HTTP traffic from any web server is trivially vulnerable to MITM attack. If I can access Internet traffic from my victim's network, I can go to any DV CA on the planet and, using completely automated means, have a CA assign me a key that I can then leverage with impunity to MITM my victim without detection from that point forward.

      This isn't what I would call security nor is it necessary or defensible. It's simply terrible and idiotic.

      So if some bad guy can register any domain, and put up a website, they can purchase a cert that is trusted by your browser.

      For their own domains, not someone else's.

      How can you TRUST that this website is not bad

      Passing judgment as to the disposition of a site isn't the point of DV certs. The only thing DV certs are supposed to do is make sure those with administrative control over a domain are the same people who have administrative control over the issued cert. The problem is automated verification procedures currently widely deployed are wholly incapable of making such determinations.

    76. Re:Value? by WaffleMonster · · Score: 1

      If the attacker controls the domain, then the certificate is valid.

      The problem is an attacker does not need to control the domain. They just need to control packets to and from it.

    77. Re:Value? by WaffleMonster · · Score: 1

      Let domain registrars handle it, so they can charge $99 a year for a secure certificate? That artificial barrier to entry and clear predation of consumers is precisely why Let's Encrypt was formed. A commercial CA doesn't give a fuck what happens to you as long as you paid for the cert.

      My belief is one or both of the following must happen:

      1. Domain registrars should be required to assign certs automatically as a standard part of domain ownership, or everyone should just drop the current system and switch to DANE. Registrars must not be allowed to treat it separately as an "add-on".

      2. Domain registrars should be required to provide domain owners authorization tokens, consumed by CAs and other entities, to securely provide proof of ownership/control to existing DV CAs and/or LE for verification purposes.

      I would very much prefer to see the current system burn to the ground and replaced entirely with DANE. There is significant negative value in the existence of CAs performing automated DV.

    78. Re:Value? by tlhIngan · · Score: 1

      The value is that all the fake Paypal sites and banking sites are now secure! See the https? Secure! Like we taught everyone to trust the lock! Never visit a financial site unless you see the lock symbol in the corner of the window. It's the surest way to tell a fake site from a real site!

      (Yes, it's a sad fact that a good majority of certificates are issued to phish users. We have to train users how to tell a real site from a fake site - no more relying on the lock).

    79. Re:Value? by ls671 · · Score: 1

      Come on, I am 5'8'', 160 lbs and I can beat the shit out of you anytime.

      Let's organize a contest so we can both add to our revenue streams...

      --
      Everything I write is lies, read between the lines.
    80. Re: Value? by Anonymous Coward · · Score: 0

      Fully funded, five-year contracts are a bit hard to find in the private sector.

      No they're not. In the private sector, we call those "full time jobs," and they pay a hell of a lot more than 50k per annum in Silicon Valley.

      Stop trying to make your shitty life outcomes sound as if they're something to be respected, creimer. You're an abject failure.

    81. Re: Value? by __aaclcg7560 · · Score: 1

      You're an abject failure.

      If I was an "abject failure," I wouldn't be getting up at 4:30AM to go to my day job that pays the bills, come home and work until 10PM on my side business that brings in the cash flow.

    82. Re: Value? by Anonymous Coward · · Score: 0

      If I was an "abject failure," I wouldn't be getting up at 4:30AM to go to my day job that pays the bills, come home and work until 10PM on my side business that brings in the cash flow.

      Actually yes, that's pretty much the definition of "abject failure." You're working 18 hours a day to pull down 50k per year. That's 90 hours a week devoted to work, which means your hourly wage averages out to about 11.60.

      Congratulations, you make slightly more than federal minimum wage (and significantly less than minimum wage, if you live in a place with $15 minimum wage), and are wasting all of your valuable time in life trying to "pay the bills" and "generate cash flow."

      Meanwhile, the successful people are working 40-50 hours a week, and spending that extra time with their families, friends, and doing things that foster their spiritual, social, mental, and physical growth.

    83. Re: Value? by Anonymous Coward · · Score: 0

      I was 16 when I got a new bike and lost 70 pounds that summer from riding my bike all over the county.

      It's also super hard to shovel food down your gullet while you're riding a bike. I suspect that's most of why you lost weight so dramatically.

      The health issues I had before then disappeared.

      Well, yeah, other than the morbid obesity and mental illness. But other than that, Mrs. Lincoln, how was the play?

      I rode a bike until my mid-30's and then switched to the gym for working out.

      And look how well THAT turned out for you - unable to lose weight while working out for 10-15 years at the gym, even while eating a 1500 calorie a day diet! Should've kept on riding that bike, jumbo.

      Too many soccer moms were trying to run me off the road.

      If you ride a bike like you do everything else, I suspect it was more like you were incapable of keeping the bike moving in a straight line, and thus everybody on the road was forced to take evasive action, lest a 375 pound tub collide with their car, and cause thousands of dollars of damage. Those "near misses" should be counted lucky by you, creimer.

    84. Re:Value? by Anonymous Coward · · Score: 0

      but I do finish them.

      Did you shoot him?! You've threatened to shoot so many people here, I can only assume that's your go-to move when you feel frustrated with someone.

    85. Re: Value? by Anonymous Coward · · Score: 0

      I think creimer mastered "physical growth" a long time ago! He has spun a story about himself to shield him from the reality of his life. He is totally resistant to logic, facts, reason, and reality.

      The day that shield comes down will be terrifying.

    86. Re: Value? by __aaclcg7560 · · Score: 1

      You're working 18 hours a day to pull down 50k per year.

      Nope. The day job that pays the bills is $55K per year with benefits. I've never stated how much cash flow that the side business generated. But don't let a lack of information stop you from speculating how many extra half-cents I make.

      Meanwhile, the successful people are working 40-50 hours a week, and spending that extra time with their families, friends, and doing things that foster their spiritual, social, mental, and physical growth.

      You mean when I was working 60 hours a week as a lead video game tester, attending two programming classes at the community college, going to church and teaching Sunday school? I'm not as young as I used to be. I'm taking life at a much slower pace these days.

    87. Re:Value? by __aaclcg7560 · · Score: 1

      Did you shoot him?!

      Oh, no. What I did to him was much worse: I enrolled in college and started my technical career. Last I heard he was still a drug addict and living on welfare. His father shut down the family business after three generations when he retired ten years ago.

    88. Re:Value? by __aaclcg7560 · · Score: 1

      Come on, I am 5'8'', 160 lbs and I can beat the shit out of you anytime.

      I'll gladly let you beat the shit out of me — and watch the police haul your sorry ass away. One guy thought I was joking about that, but I explained the situation to him: 1) he would rot in prison, 2) his wife would divorce him and marry the man that she's having an affair with, and 3) his daughter would have an excellent stepfather to take care of her. His bravado disappeared in a hurry. Last I heard he wasn't in prison but his wife divorced him, married the other guy, and his daughter loves her stepfather more than him. Sad.

    89. Re: Value? by Anonymous Coward · · Score: 0

      With that black belt in virginity you must have been the best Sunday school teacher ever!

      Did you also give lessons in humility?

      " I've never stated how much cash flow that the side business generated."

      We can guess. A successful YouTube channel can generate 50K-60K Australian dollars per year, like EEVBlog. You have no such presence, and it's doubtful you could pull it off.

      We also know successful ebook authors don't need to constantly and desperately shill their books on a daily basis. They also GIVE AWAY entire novellas that are better written and more interesting than anything you've written.

      Successful authors also don't insanely protect their "personal brand", and they also don't forget to register their name on websites they use.

      You're making MAYBE 150$ a year given your approximately 1000 hours you put into it. There's simply nothing out there that googles with your name that could possibly generate even that much. I'm being extremely generous here.

      In other words, your "revenues" amount to 15 cents an hour. A fair wage for a Bangladeshi garment worker.

      You'd be better off buying a metal detector and going to the beach, and fight off the other hobos and unmedicated loons there.

    90. Re: Value? by __aaclcg7560 · · Score: 1

      A successful YouTube channel can generate 50K-60K Australian dollars per year, like EEVBlog.

      That isn't Dave's only source of revenue. He sells electronic gear and t-shirts, affiliate links for products he reviewed, and accepts donations from viewers. A successful business should have at least 30 sources of income. YouTubers who rely exclusively on YouTube for income are screwed by the advertiser boycott and plummeting ad rates. I saw my rate go from $1.00 per 1K views to $0.70 per 1K view for one of my channels.

      You're making MAYBE 150$ a year given your approximately 1000 hours you put into it.

      Sorry, mate. That's how much I made this month for traffic-related ad revenues from Slashdot. All I have to do is consistently post two dozen comments per day. While everyone pisses, moans and groans about my comments, curious readers check out my blog (homepage link above) or author website (preorder link below).

    91. Re: Value? by Anonymous Coward · · Score: 0

      Your channels? Like the video of a bee on your jacket?

      You're sick, Chris. Get help.

      "Sorry, mate. That's how much I made this month for traffic-related ad revenues from Slashdot."

      So much for "private and confidential", huh Chris? And this month was unusual; after I invented "cdreimer" and others followed suit with more creative names, we created quite a buzz around you. And I doubt next month will generate anything once people realize what a monotonous boring fool you are.

    92. Re: Value? by Anonymous Coward · · Score: 0

      Nope. The day job that pays the bills is $55K per year with benefits.

      And in Silicon Valley, in IT, with 20+ years of experience, that's ridiculously low. My day job (20 years of experience here) pays $145k per year, with benefits, and I work at most 50 hours a week, and am home almost every day by 6:30 pm for dinner with my family, and get to spend a couple hours with the kids. My weekends are wide open almost every weekend. When I move on from this job (probably in a year or so), I should be able to net myself a reasonably good pay bump as well, because my employer values me enough to send me to conferences, training, and allows me to work on "new tech" projects that are interesting to me. I get paid for that.

      I've never stated how much cash flow that the side business generated.

      $27 a month you claimed in ad revenues. And let's be honest - your "thirty revenue streams" aren't even all contributing that much money. IF they were, you'd be pulling down an extra $810 a month, or just shy of 10 grand a year. Meaning you work your fingers to the bone for... $15 an hour.

      Congratulations, if you moved to Seattle, you'd be able to make the same money working at McDonald's. Except McDonald's probably wouldn't hire you, either.

      You mean when I was working 60 hours a week as a lead video game tester, attending two programming classes at the community college, going to church and teaching Sunday school? I'm not as young as I used to be. I'm taking life at a much slower pace these days.

      Yes, you were still a failure then. I'm pretty sure that's the question you were asking, right? Because your idiotic babble gets hard to follow at times.

    93. Re:Value? by AikonMGB · · Score: 1

      The problem is an attacker does not need to control the domain. They just need to control packets to and from it.

      If they control all packets to and from the domain for all users, then they effectively control the domain. If they only control packets to and from the domain for a small subset of users that does not include LetsEncrypt (an assumption of the security model, and why LE likely uses several distributed servers), then they cannot successfully obtain a certificate.

    94. Re: Value? by __aaclcg7560 · · Score: 1

      Your channels? Like the video of a bee on your jacket?

      That's one video on one channel. Do you think I do everything under one pen name?

      So much for "private and confidential", huh Chris?

      I've been tossing around the ad revenue figure for months now.

      And I doubt next month will generate anything once people realize what a monotonous boring fool you are.

      Maybe, maybe not. Let's see if someone tries to top the dick pics this weekend.

    95. Re:Value? by Anonymous Coward · · Score: 0

      Oh, no. What I did to him was much worse: I enrolled in college and started my technical career. Last I heard he was still a drug addict and living on welfare. His father shut down the family business after three generations when he retired ten years ago.

      What a rich fantasy life you seem to have, creimer!

      You told us that you "finished" the fight with him by punching him in the mouth. But then you change your tune and suddenly "enrolling in college and starting a technical career" is somehow showing him something.

      Do you ever shake your head, look at yourself in the mirror, and say, "If you were any more full of shit, you'd squeak," creimer?

    96. Re: Value? by __aaclcg7560 · · Score: 1

      Because your idiotic babble gets hard to follow at times.

      That's because you're trying so hard to discredit me that you're confusing yourself with your own line of bullshit. What is it about fat people that makes you and other asshats so stupid?

    97. Re: Value? by Anonymous Coward · · Score: 0

      That's because you're trying so hard to discredit me

      You do that just fine all by yourself. I'm not trying very hard, I promise.

      that you're confusing yourself with your own line of bullshit.

      What bullshit is that - that just about everybody here on this site makes far better money than you, in far less time, while you walk around pronouncing how smart you are for working minimum wage? If there's anybody spouting bullshit here, creimer, it's you.

      What is it about fat people that makes you and other asshats so stupid?

      Nothing I've written or said here is about you being fat. I'm pointing out the sheer idiocy of your claims, and somehow you want to make that about you being fat. I don't give a shit if you're putting yourself in an early grave by overeating, that's your problem, not mine. You shitting up every Slashdot post with your inane comments however, is a problem that affects me, because it wastes my time and ruins my enjoyment of the interesting and insightful comments that people post here. Yours never rise to that standard.

    98. Re:Value? by __aaclcg7560 · · Score: 1

      You told us that you "finished" the fight with him by punching him in the mouth.

      I did.

      But then you change your tune and suddenly "enrolling in college and starting a technical career" is somehow showing him something.

      I enrolled in classes the very next day. Fast forward 27 years later, I'm a tech professional and he's a drug addict.

    99. Re: Value? by Anonymous Coward · · Score: 0

      "Do you think I do everything under one pen name?" ...you're diluting your own "personal brand" and then get upset when a very entertaining, intelligent, handsome, and well-hung individual signs up "cdreimer" to make fun of you?

      "Maybe, maybe not. Let's see if someone tries to top the dick pics this weekend."

      Make your own

      https://www.youtube.com/watch?v=_oM74y0suaU

    100. Re: Value? by __aaclcg7560 · · Score: 1

      you're diluting your own "personal brand"

      There's only one personal brand. I do have other brands that are not about me. Shocking, I know.

      then get upset when a very entertaining, intelligent, handsome, and well-hung individual signs up "cdreimer" to make fun of you?

      An episode that resulted in five user accounts being deleted. Yes, I'm aware that there are other fake user accounts lurking about.

      Make your own

      And settle for once and for all whether I have dick big enough to suck on daily or a puny little dick that makes an ape proud?

    101. Re: Value? by Anonymous Coward · · Score: 0

      Even the apes rejected your membership, creimer. Maybe try the quadrupeds?

    102. Re: Value? by Anonymous Coward · · Score: 0

      "There's only one personal brand."

      Have you considered selling toilet paper under that brand? Considering how full of shit you are, it should be a winner.

      creimin' ULTRA SOFT "being so full of shit never felt so good!"

      creimin' ULTRA STRONG "if it can wipe my 350 pound flat ass, it can handle your wife!"

      creimin' EXTRA PLY "if it can handle 30 streams, it can handle yours!"

      creimin' TOUGH GUY "I didn't start it but I'll finish it!"

      creimin' HOLY SHIT "when life kicks the crap out of you!"

    103. Re: Value? by Anonymous Coward · · Score: 0

      And settle for once and for all whether I have dick big enough to suck on daily or a puny little dick that makes an ape proud?

      Dick too big for a woman and too small for a man. Poor creimer can't find human love.

    104. Re:Value? by ls671 · · Score: 1

      I was talking about a friendly contest where police isn't involved.

      If the prime minister of Canada can do it, why couldn't we?

      https://www.youtube.com/watch?...

      http://nationalpost.com/news/c...

      --
      Everything I write is lies, read between the lines.
    105. Re: Value? by Anonymous Coward · · Score: 0

      there have been several hundred photos pasted in the last week. none of them have had the links pasted on slashdot, and none of them are dick picks. they're that one that refers to your slashdot account and says you spam forums on company time.

    106. Re:Value? by Anonymous Coward · · Score: 0

      Yeah, that's what happens when someone beats you up. They "rot in jail." Sorry, here in the real world, you just get your ass kicked till you pass out and the guy walks away. You can press charges, and he'll get a good lawyer and get probation and a small fine. That's what successful people, like slashdotters that are not you, do. Your magical fairy world doesn't apply to real life, no matter how much you want it to.

  2. My certs expire every 30 days... by __aaclcg7560 · · Score: 1

    The Let's Encrypt certs that I have for my websites automatically expire and renew every 30 days. That's 360+ per year.

    1. Re:My certs expire every 30 days... by ls671 · · Score: 2

      No! It expires every 90 days and you can renew after 60 days. RTFM.

      --
      Everything I write is lies, read between the lines.
    2. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 2

      No! It expires every 90 days and you can renew after 60 days. RTFM.

      I stand corrected. After double checking my configuration, I have a different set of certs (five or so) expiring and renewing each month.

    3. Re:My certs expire every 30 days... by ls671 · · Score: 1

      ...expiring and renewing each month

      You seem to be missing an important principle: you have to renew a cert before it expires, hence the 60/90-day schedule.

      You don't renew a cert "when it expires".

      --
      Everything I write is lies, read between the lines.
    4. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 1

      You don't renew a cert "when it expires".

      I get a handful of emails every month from my web hosting provider that my expired certs are being renewed automatically.

    5. Re:My certs expire every 30 days... by ls671 · · Score: 1

      You don't renew a cert "when it expires".

      I get a handful of emails every month from my web hosting provider that my expired certs are being renewed automatically.

      Well, change provider if yours renews your certs only once they have expired! I begin renewal requests for my certs 30 days before they expire. Again, RTFM.

      --
      Everything I write is lies, read between the lines.
    6. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 1

      I begin renew requests for my certs 30 days before they expire.

      That's the point you keep missing. I don't have to do anything because it's done automatically. I set it up once and forget about it.

    7. Re:My certs expire every 30 days... by TheRaven64 · · Score: 1

      You can renew a lot more often. Renewals are only limited by the rate limits and these allow renewing even after you've hit the 20-certs-per-week limit for a domain. Acme-client on FreeBSD defaults to renewing every week, so even a few failures will not cause problems.

      --
      I am TheRaven on Soylent News
    8. Re:My certs expire every 30 days... by ls671 · · Score: 1

      My god! I am not missing any point. Do you think that I renew my certs manually and that your provider is the only one to automate the process??? Of course not, I have a script in a cron job that takes care of it.

      Again RTFM, here you go since that seems hard to understand for you:

      https://letsencrypt.org/2015/1...

      --
      Everything I write is lies, read between the lines.
    9. Re:My certs expire every 30 days... by ls671 · · Score: 1

      The emails you are getting are pretty useless. I only get emails if the automated process fails. Then, I would get 30 days to monitor/fix it if it ever occurs. This is pretty standard for a Let's Encrypt setup. You would know about it if you actually ever implemented the process yourself.

      --
      Everything I write is lies, read between the lines.
    10. Re:My certs expire every 30 days... by ls671 · · Score: 1

      True enough, I have renewed several times in the same day when setting up automation. 60/90 days seem like good default values for now, so as not to overload the system for nothing. This is what is recommended here:
      https://letsencrypt.org/2015/1...

      Also 60/90 is fine for me because I always manually restart apache (apachectl restart) at least once a week so new certificates should always be loaded on time. I don't want the automated script to restart my server for stability concerns.

      On a side note, most clients seem to have way too many dependencies. I found a pure bash one without any dependencies. Here it is:
      https://github.com/srvrco/gets...

      But anyway, Let's Encrypt certificates expire after 90 days, period.

      --
      Everything I write is lies, read between the lines.
    11. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 1

      The emails you are getting are pretty useless. I only get emails if the automated process fails.

      According to the provider TOS for Let's Encrypt, I authorized the sending of renewal and revocation emails.

      You would know about it if you actually ever implemented the process yourself.

      It takes 15 minutes to set up a dozen websites using the provider's webpage. Setting up multiple cron jobs will probably take a bit longer than 15 minutes. I got too many items on my to-do list to dive into the cron job rabbit hole.

    12. Re:My certs expire every 30 days... by ls671 · · Score: 1

      Setting up multiple cron jobs will probably take a bit longer than 15 minutes. I got too many items on my to-do list to dive into the cron job rabbit hole.

      1 cron job for ~90 websites. No need to modify the cron job to add a new site, duh.

      here you go:
      https://github.com/srvrco/gets...

      Just as fast as your provider and I hate web management interfaces. As a matter of fact, it is probably faster than it is at your provider because all you need to do is edit text files.

      --
      Everything I write is lies, read between the lines.
    13. Re:My certs expire every 30 days... by ls671 · · Score: 1

      Oh, and my mod_security reverse proxy routes all Let's Encrypt challenge requests to the same folder for the ~90 sites, so no messing around with the websites' content.

      As a matter of fact, my customers don't need to do anything or touch their website. I guess it beats your setup because you say that, as a customer, you must set it up on your provider's "web page".

      --
      Everything I write is lies, read between the lines.
    14. Re:My certs expire every 30 days... by ls671 · · Score: 1

      While at it, for very sensitive customer internal stuff, use a sub-domain with self-signed certs. You never know.

      --
      Everything I write is lies, read between the lines.
    15. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 1

      [...] the same folder for the ~90 sites, so no messing around with the websites' content.

      My provider does the same thing. Is this supposed to be significant?

      I guess it beats your setup because you say that, as a customer, you must set it up on your provider's "web page".

      As an end user, I just want to set it up and forget about it. I did it six months ago. I haven't looked at it until today. I probably won't look at it for another six months.

    16. Re:My certs expire every 30 days... by ls671 · · Score: 1

      As an end user, I just want to set it up and forget about it. I did it six months ago. I haven't looked at it until today. I probably won't look at it for another six months.

      hmmm... reading comprehension?

      My point was that my own customers never have to set up anything.

      --
      Everything I write is lies, read between the lines.
    17. Re:My certs expire every 30 days... by ls671 · · Score: 1

      OK, here I go: what is your security clearance level?

      --
      Everything I write is lies, read between the lines.
    18. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 1

      My point was that my own customers never have to set up anything.

      Your customers have you. I have myself and my provider has a web interface. What's the problem?

    19. Re:My certs expire every 30 days... by Rockoon · · Score: 1

      Just. Wow.

      --
      "His name was James Damore."
    20. Re:My certs expire every 30 days... by ls671 · · Score: 1

      Bragging from the start about things you don't master?

      --
      Everything I write is lies, read between the lines.
    21. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 1

      Bragging from the start about things you don't master?

      My business doesn't require that I master every little detail. Some details I leave to others to free up my valuable time. A web interface that allows me to set up my domain and cert at the same time is quite efficient.

    22. Re:My certs expire every 30 days... by Anonymous Coward · · Score: 0

      Yes, your "business", singular, down from the 30 businesses you had three weeks ago. And your valuable time ... spent on Slashdot.

      You are such a narcissistic mentally defective pest!!!

    23. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 1

      Yes, your "business", singular, down from the 30 businesses you had three weeks ago.

      My business has 30 revenue streams. Many of which don't require my personal attention and I still get paid whether I do anything or not. It's called passive income.

      And your valuable time ... spent on Slashdot.

      I'm currently on the express bus. I pay an extra $70 per month to take the express bus and free up 40 hours per month to do other things while someone else does the driving. Like responding to emails and Slashdot comments.

    24. Re:My certs expire every 30 days... by Anonymous Coward · · Score: 0

      So you were on the bus all day, fat boy? BTW, this song plays every time I read your comments:

      https://www.youtube.com/watch?...

    25. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 1

      BTW, this song plays every time I read your comments:

      Here's my theme song when I comment on Slashdot.

      https://www.youtube.com/watch?v=C_Dywv-dfws

    26. Re:My certs expire every 30 days... by Anonymous Coward · · Score: 0

      https://www.youtube.com/watch?...

      There's no way you're making any appreciable money from the utter horseshit I've seen from you. You'd make more collecting empties on recycling day.

    27. Re:My certs expire every 30 days... by __aaclcg7560 · · Score: 1

      There's no way you're making any appreciable money from the utter horseshit I've seen from you.

      According to the Slashdot consensus, I'm making a lot of half-pennies.

    28. Re:My certs expire every 30 days... by Anonymous Coward · · Score: 0

      Yeah, and you'd make ten times more reaching for that empty Coke can.

    29. Re:My certs expire every 30 days... by ls671 · · Score: 1

      Express bus, this is pure genius.

      Why didn't I think of it before?

      --
      Everything I write is lies, read between the lines.
    30. Re:My certs expire every 30 days... by ls671 · · Score: 1

      The link looks nice but I didn't bother to click.

      Congratulations! ;-)

      --
      Everything I write is lies, read between the lines.
    31. Re:My certs expire every 30 days... by ls671 · · Score: 1

      Still 5 cents in the US or is this specific to states?

      --
      Everything I write is lies, read between the lines.
    32. Re:My certs expire every 30 days... by TheRaven64 · · Score: 1

      On a side note, most clients seem to have way too many dependencies. I found a pure bash one without any dependencies

      acme-client has no dependencies and is implemented as a small set of privilege-separated programs, so the thing that handles your private key and the thing that makes network connections are entirely separated, and the thing that an attacker might compromise runs with very limited privileges.

      --
      I am TheRaven on Soylent News
    33. Re:My certs expire every 30 days... by Anonymous Coward · · Score: 0

      Here's my theme song when I comment on Slashdot.

      Here's the summary of the plot around that song:

      "In one production number four ragamuffins find a single dime in a subway grating. They're rich! (We're In the Money)"

      Do you realize the INCREDIBLE irony of you claiming your theme song is a song sung by a bunch of street kids who find a dime and foolishly believe all their problems are solved?

      My sides, creimer. Stop! MY SIDES!

  3. Value! by Anonymous Coward · · Score: 0, Insightful

    It's considerably better than a self-signed cert. Browsers don't accept self-signed certs by default, throwing up big nasty warnings. Lets Encrypt is a fully-accepted CA.

    That's the scam - the pretense of "identification." All certs do is encrypt the stream. The CA "knows" you only as well as it's able to ascertain your actual identity, which for 99.9% of certs, is near zero. That's quite aside from any breaches in security that result in the cert getting into the wild and DNS malfuckery coming into play.

    The reason that lets-encrypt has succeeded is because it avoids the money-generating browser manufacturer / CA collusion scam, and there isn't anything better yet than lets-encrypt's approach of constantly renewing the certificate (unless you're willing to have the browser scare away the vast majority of your visitors, which, again, is the scam.)

    If someone pops up with a quality browser that reasonably treats self-signed certificates, the entire fraudulent business model of the CA's will collapse. It's long overdue. But there are huge monetary interests involved, so don't hold your breath.

    TL;DR: Traditional CAs are scammers. Their claim of providing "identity" is no more than smoke and mirrors. lets-encrypt provides the actual value - encryption - without the baseless-identity-for-money scam. That's why lets-encrypt is a success.

    1. Re:Value! by Opportunist · · Score: 1

      1. There is no pretense of identification.

      2. Learn the basics about certificates and what they ACTUALLY mean rather than what meaning you give them for whatever reason.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    2. Re:Value! by Anonymous Coward · · Score: 0

      You have no idea what you're talking about. OP is spot-on.

  4. Why so many negative comments? by fabriciom · · Score: 3, Insightful

    This thing is the best thing since sliced bread. I use it on all my servers; it saves me money and headaches.

    1. Re:Why so many negative comments? by Anonymous Coward · · Score: 0

      Agreed. Any joe or jane can now have TLS with little hassle on their website or services for free. You can get a cert for every single subdomain or test application you want.

  5. https is okay, but... by Anonymous Coward · · Score: 0

    Won't stop Punycode Phishing.

  6. Self-signed is pretty good. This is even better. by Anonymous Coward · · Score: 0

    What you're missing is that there are some extremely technologically-stupid people in tech, and the rest of the world has to deal with their bullshit.

    These extremely stupid people think that self-signed certs are somehow bad, or even inferior to plaintext! And the disaster the world has ended up facing, is that these fucking retards ended up having a say in how most people's web browsers user interface works.

    The result is that web browsers often show warning boxes when faced with a self-signed cert, rather than the UI simply lacking an indicator that you have a certain minimum confidence that that you know with whom you're connected. This is a serious defect in most web browsers, possibly even the one that you personally use. I bet you have this problem.

    And by all signs, none of the major web browser teams ever intend to repair the defects.

    Using a shitty CA, instead of self-signing, works around the user interface flaw. Now the broken web browser correctly abstains from user-confusing "add security exception" nonsense, and things Just Work.

    Of course, the downside is that the user might incorrectly infer that the other party is authenticated, but we already had that problem with other CAs too. HTTPS' reliance on single-signed x.509 and faceless CAs means that it'll never be particularly good for security purposes, or at least not on the Internet (though it is good enough for your company's intranet services).

  7. Wonder... by Frosty+Piss · · Score: 1

    What is the response from commercial cert businesses about Let's Encrypt?

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:Wonder... by CrashNBrn · · Score: 3, Interesting

      Good Riddance. About time we get rid of the gouging "middle-man" to protect us from the man-in-the-middle-attacks.

    2. Re:Wonder... by thegarbz · · Score: 1

      What is the response from commercial cert businesses about Let's Encrypt?

      Probably not fussed. Let's Encrypt can only provide non-EV certificates, which makes them essentially useless for anyone you need to trust, e.g. a bank, a site which handles payment or sensitive information, etc.

      non-EV certificates were never too expensive anyway.

  8. Re:Self-signed is pretty good. This is even better by TheRaven64 · · Score: 1

    Self-signed certs aren't technically worse than plaintext, but they're not much better. If I go to example.com and establish a TLS connection, I want to know that I am talking to example.com. With a self-signed cert, I have no such assurance. I have a connection that is encrypted, but I don't know if the endpoint is actually example.com or if it is some malware running on the WiFi access point that I connected to (unless you've somehow obtained the example.com public key out-of-band and know that they're not planning on upgrading the connection). You're safe from passive eavesdropping but not from any kind of active adversary.

    Self-signed certs are worse than plaintext from an HCI perspective, because they provide the appearance of security, while providing very little actual security.

    In contrast, a cert signed by Let's Encrypt at least tells you that the example.com that you're talking to is the same one that the Let's Encrypt server was talking to. It's a lot easier to compromise a random WiFi AP than it is to compromise the connection in the datacentres that Let's Encrypt uses and a random WiFi AP.

    --
    I am TheRaven on Soylent News
  9. to put it another way by Anonymous Coward · · Score: 0

    That's upwards of $2 billion in "lost revenue" for the certificate cartels (using MAFIAA math)

    1. Re:to put it another way by Anonymous Coward · · Score: 0

      realistically it's more like $100 million to $150 million, but still, I bet they aren't happy.

  10. Cert Expiry by Anonymous Coward · · Score: 0

    The number mainly reflects the short expiry time on these certificates.

  11. DNSSEC DANE TLSA is all we need by Anonymous Coward · · Score: 0

    "This number reflects at least a few things: First, it illustrates the strong demand for our services."

    Only because you, Mozilla - the PRIMARY funding source for Let's Encrypt - refuse to implement DANE TLSA yourselves.

    https://bugzilla.mozilla.org/show_bug.cgi?id=672600

    "Second, it illustrates our ability to scale."

    DNS scales just fine. We don't need Let's Encrypt. What we need is DANE TLSA. Stop blabbing and dragging your feet on the issue and go implement it. This is a global security issue far greater than whatever the latest ransomware strain is. Also, screw you for waiting 6+ years to implement the feature to correct a 15+ year oversight that Netscape, which ultimately became Firefox, created.

    "Third, it illustrates the power of automated certificate management."

    Great. Now go implement DANE TLSA. It also illustrates the power of what free SSL certificates created by an organization that may be required to secretly hand over its private signing keys to the U.S. government via a FISA court order is capable of. That's 100 million compromised websites. Let's Encrypt is a U.S. based organization and FISA, NSA, CIA as well as all of the usual foreign players are all interested parties in your signing keys. I may deploy Let's Encrypt but I don't trust a single byte of data encrypted with Let's Encrypt signed certificates as being truly protected. Let's not fool ourselves here: Your service is convenient for getting the lock icon and browsers and other software to shut up about stuff but it's not remotely secure.

    "The total number of certificates we've issued is an interesting number, but it doesn't reflect much about tangible progress towards our primary goal: a 100% HTTPS Web."

    Then go implement DANE TLSA and eliminate the need for public CAs once and for all. DANE TLSA allows an individual or an organization to create and manage their own root CA without requiring it to be installed in the browser trust root store and yet compliant software will trust it. We can finally empty out the entire trust store as soon as DANE TLSA is widely deployed. The ONLY reason you AREN'T implementing it is because a bunch of other organizations have graced your head-filled arse with money to get their CA roots into the web browser trust stores of all major browsers.
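The TLSA mechanism the post keeps invoking, written out as an added Python example that is not Mozilla's, Let's Encrypt's or any DNS library's code: the certificates are constructed byte strings rather than real X.509, and the signature-chain verification a real DANE-TA validator also needs is left out so the record-matching step stands alone.

```python
"""DANE TLSA association and matching (RFC 6698).

A TLSA record reads "usage selector matching-type association-data": usage 3 (DANE-EE)
pins the server's own certificate, usage 2 (DANE-TA) pins a CA the domain owner runs, and
neither consults the browser's trust store. Selector 0 covers the whole certificate DER,
selector 1 only the SubjectPublicKeyInfo; matching 0/1/2 is raw data / SHA-256 / SHA-512.
Certificates here are constructed stand-ins, not real X.509.
"""
import hashlib
from dataclasses import dataclass
from typing import Sequence

DANE_TA, DANE_EE = 2, 3                        # certificate usage
SEL_CERT, SEL_SPKI = 0, 1                      # selector
MATCH_FULL, MATCH_SHA256, MATCH_SHA512 = 0, 1, 2


@dataclass(frozen=True)
class Cert:
    der: bytes   # the whole certificate (constructed stand-in)
    spki: bytes  # its SubjectPublicKeyInfo (constructed; real code extracts it from der)


@dataclass(frozen=True)
class TLSA:
    usage: int
    selector: int
    matching: int
    data: bytes


def association_data(selector: int, matching: int, cert: Cert) -> bytes:
    """Derive the certificate association data the zone publishes for a given cert."""
    if selector not in (SEL_CERT, SEL_SPKI):
        raise ValueError(f"unknown selector {selector}")
    material = cert.der if selector == SEL_CERT else cert.spki
    if matching == MATCH_FULL:
        return material
    if matching == MATCH_SHA256:
        return hashlib.sha256(material).digest()
    if matching == MATCH_SHA512:
        return hashlib.sha512(material).digest()
    raise ValueError(f"unknown matching type {matching}")


def make_tlsa(usage: int, selector: int, matching: int, cert: Cert) -> TLSA:
    return TLSA(usage, selector, matching, association_data(selector, matching, cert))


def present(rec: TLSA) -> str:
    """Zone-file presentation format, e.g. '3 1 1 <hex>'."""
    return f"{rec.usage} {rec.selector} {rec.matching} {rec.data.hex()}"


def parse_tlsa(text: str) -> TLSA:
    usage, selector, matching, data = text.split()
    return TLSA(int(usage), int(selector), int(matching), bytes.fromhex(data))


def tlsa_matches(rec: TLSA, leaf: Cert, chain: Sequence[Cert]) -> bool:
    """Does the presented leaf (or, for DANE-TA, a cert in its chain) match the record?

    Only the association check is shown; a real DANE-TA validator must also verify the
    signature chain from the leaf up to the matched trust anchor (RFC 7671).
    """
    if rec.usage == DANE_EE:
        candidates = [leaf]
    elif rec.usage == DANE_TA:
        candidates = list(chain)
    else:
        return False  # usages 0/1 (PKIX-TA/PKIX-EE) also need trust-store validation; not shown
    return any(association_data(rec.selector, rec.matching, c) == rec.data for c in candidates)


def demo() -> dict:
    # constructed certs: the site's leaf, the same key re-certified after a 90-day renewal,
    # a private CA the owner runs, and an unrelated impostor
    leaf = Cert(der=b"leaf-cert-2017-07", spki=b"site-public-key")
    renewed = Cert(der=b"leaf-cert-2017-10", spki=b"site-public-key")
    own_ca = Cert(der=b"owner-private-ca-cert", spki=b"owner-ca-key")
    impostor = Cert(der=b"impostor-cert", spki=b"impostor-key")

    pin_key = make_tlsa(DANE_EE, SEL_SPKI, MATCH_SHA256, leaf)   # "3 1 1": survives renewal
    pin_cert = make_tlsa(DANE_EE, SEL_CERT, MATCH_SHA256, leaf)  # "3 0 1": breaks on renewal
    pin_ca = make_tlsa(DANE_TA, SEL_CERT, MATCH_SHA256, own_ca)  # "2 0 1": trust own CA
    return {
        "311_leaf": tlsa_matches(pin_key, leaf, []),
        "311_renewed_same_key": tlsa_matches(pin_key, renewed, []),
        "301_renewed": tlsa_matches(pin_cert, renewed, []),
        "311_impostor": tlsa_matches(pin_key, impostor, []),
        "201_chain_with_own_ca": tlsa_matches(pin_ca, leaf, [own_ca]),
        "201_chain_without": tlsa_matches(pin_ca, impostor, [impostor]),
        "roundtrip": parse_tlsa(present(pin_key)) == pin_key,
    }
```

The "3 1 1" versus "3 0 1" cases show why a DANE-EE record usually pins the public key rather than the whole certificate when the certificate itself is reissued every 90 days.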

  12. Domain verification by DrYak · · Score: 1

    Can you explain specifically what makes this better than self-signed certs?

    Self-signed certs don't certify much (beyond the cryptographic validity of the key pair).
    That means, on your first visit, that it's YOUR burden to check that the certificate really belongs to the domain, before trusting it and adding it.
    (It could be a man-in-the-middle with their own self-signed certificate.)

    On the other hand, non-EV certificates and Let's Encrypt all require some proof that the certificate requestor has control of the server
    (depending on the entity issuing the certificate: the requestor can answer "webmaster@[website.com]" e-mails (e.g. CaCert), or the requestor can publish and sign information on "https://[website.com]/nonce" (Let's Encrypt), etc.).
    It's always steps that:
    - can easily be automated (e.g. no need for staff to review official legal documents, unlike EV certificates)
    - can only be done if the requestor actually has control of the domain.

    So when you go to [website.com], if the certificate is a non-EV certificate or by Let's Encrypt, you have the guarantee that this certificate was delivered to the people genuinely controlling [website.com].
    It's very unlikely that an attacker is in the middle.

    Note that this type of certificate only confirms the address of the website.
    It provides no other information about the owner.

    i.e.: a Let's Encrypt certificate gives you the guarantee that "www.paipall.com" is indeed this website with no middle-man attacker
    (you get a padlock in browser URL bars, like Slashdot.org).
    It doesn't say anything about whether this website is actually owned by PayPal Inc or someone else. That would require an EV certificate (with a legal team reviewing the official papers to confirm or not)
    (that gives a padlock and a company name in browser URL bars, like paypal.com).

    What prevents an attacker with access to a victim's wires from using LE to obtain fraudulent certificates?

    The attacker would *ALSO* need to have access to the server they are trying to impersonate in order to successfully pass the validation.
    (And by that point, if the attacker actually controls that server, there's no need to fuss around with man-in-the-middle attack).

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
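The proof-of-control step DrYak describes, written out as an added Python example that is not Let's Encrypt's or any ACME client's code: it follows the RFC 8555 http-01 challenge (the "/.well-known/acme-challenge/<token>" path rather than the "/nonce" shorthand above), with constructed account keys, a constructed token and a dictionary standing in for the web, and it also shows why one shared challenge directory can answer for many hosts, as ls671 described earlier in the thread.

```python
"""ACME http-01 domain validation (RFC 8555 section 8.3, RFC 7638 thumbprints).

The client publishes  token + "." + base64url(SHA-256(JWK thumbprint of its account key))
at http://<host>/.well-known/acme-challenge/<token>; the CA fetches that URL and compares.
Since the path is fixed, one directory can serve the challenge for every hosted site.
Keys, token and the "web" below are constructed; no network or signatures are involved.
"""
import base64
import hashlib
import json
import secrets

CHALLENGE_PREFIX = "/.well-known/acme-challenge/"


def b64url(data: bytes) -> str:
    """Base64url without padding, as JWS and ACME require."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def canonical_jwk_json(jwk: dict) -> str:
    """RFC 7638: only the required members, lexicographically ordered, no whitespace."""
    required = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}[jwk["kty"]]
    return json.dumps({k: jwk[k] for k in required}, sort_keys=True, separators=(",", ":"))


def jwk_thumbprint(jwk: dict) -> str:
    return b64url(hashlib.sha256(canonical_jwk_json(jwk).encode("utf-8")).digest())


def key_authorization(token: str, account_jwk: dict) -> str:
    """What the client must serve: binds the CA's token to this ACME account's key."""
    return f"{token}.{jwk_thumbprint(account_jwk)}"


def provision(webroot: dict, token: str, account_jwk: dict) -> None:
    """Site-operator side: drop the key authorization into the challenge directory."""
    webroot[CHALLENGE_PREFIX + token] = key_authorization(token, account_jwk)


def ca_validate(web: dict, host: str, token: str, account_jwk: dict) -> bool:
    """CA side: fetch http://host/.well-known/acme-challenge/token and compare."""
    body = web.get(host, {}).get(CHALLENGE_PREFIX + token)
    if body is None:
        return False
    expected = key_authorization(token, account_jwk)
    return secrets.compare_digest(body.encode("utf-8"), expected.encode("utf-8"))


def demo() -> dict:
    # constructed P-256 public JWKs; only crv/kty/x/y enter the thumbprint
    operator = {"kty": "EC", "crv": "P-256", "x": b64url(b"\x01" * 32), "y": b64url(b"\x02" * 32)}
    attacker = {"kty": "EC", "crv": "P-256", "x": b64url(b"\x03" * 32), "y": b64url(b"\x04" * 32)}
    token = b64url(secrets.token_bytes(32))  # chosen by the CA per challenge

    shared = {}  # one challenge directory served for every hosted site
    web = {"shop.example": shared, "blog.example": shared, "attacker.example": {}}
    provision(shared, token, operator)                   # operator controls these hosts
    provision(web["attacker.example"], token, attacker)  # attacker controls only their own host

    return {
        "operator_shop": ca_validate(web, "shop.example", token, operator),
        "operator_blog_shared_dir": ca_validate(web, "blog.example", token, operator),
        # attacker asks the CA for shop.example with their own account key: the CA fetches
        # shop.example, finds the operator's key authorization, and it does not match
        "attacker_for_shop": ca_validate(web, "shop.example", token, attacker),
        "attacker_own_host": ca_validate(web, "attacker.example", token, attacker),
    }
```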
    1. Re:Domain verification by tattood · · Score: 1

      The attacker would *ALSO* need to have access to the server they are trying to impersonate in order to successfully pass the validation. (And by that point, if the attacker actually controls that server, there's no need to fuss around with man-in-the-middle attack).

      An attacker could use LE to setup a MITM attack, if they can hack the website.

      1) Take control over the website.
      2) Get a LE certificate for the domain
      3) Export the certificate, and install onto their own malware site.
      4) Phish a user into going to their MITM site, which has a LE signed certificate, that your browser trusts.
      5)...
      6) Profit!

      --
      WTB [sig], PST!!!
  13. Over 100,000,000 certificates issued... by nuckfuts · · Score: 1

    because they expire every three months.

  14. Re:Self-signed is pretty good. This is even better by Anonymous Coward · · Score: 0

    Self-signed certs are worse than plaintext from an HCI perspective, because they provide the appearance of security,

    Are you sure that's not another user interface defect? You sure just described it as a user interface defect.

  15. Not worth the effort by DrYak · · Score: 1

    The attacker would *ALSO* need to have access to the server they are trying to impersonate in order to successfully pass the validation.
    (And by that point, if the attacker actually controls that server, there's no need to fuss around with man-in-the-middle attack).

    An attacker could use LE to setup a MITM attack, if they can hack the website.

    As I've explained in the quote you're replying to, if the attacker has control of the website, they can do pretty much everything they want.
    At that point, getting a LE certificate is spending needless time on useless stuff that won't bring you much access beyond what you do.

    1) Take control over the website.

    At that point, the attacker has access to everything they could dream of.
    You can straight jump to:

    4) Phish a user into going to their MITM site, which has a LE signed certificate, that your browser trusts.

    Why MITM site? The attacker has access to the real deal.
    They could steal data straight from the actual site if they want.

    Why LE signed certificate? (Or for that matter CaCerts, Starcom or any non-EV option at one of the big-name certificate authorities.) The attacker has access to the actual original private key on the site.
    If anything, a changed certificate or even a changed authority might look conspicuous (and some power users have tools to detect exactly that).

    Why set up a separate LE certificate, when they can use the actual key and rely on whatever expensive signing the site went for? (And then, for all intents and purposes, the interaction with the phish looks cryptographically exactly the same as if coming from the genuine site. There's no cryptographic way to distinguish them.)

    At the point where an attacker controls the website, you're pretty much hosed, and the fact that they could get a certificate from Let's Encrypt (or from CaCerts.org) (or pay for a non-EV certificate from any of the expensive trusted certificate providers) is a minor detail compared to the potential for damage they now have access to.

    There isn't much difference between Let's Encrypt, CaCerts.org, or a non-EV certificate that you can get from any of the classical providers.
    The only thing that Let's Encrypt has brought to the table is their "ACME" protocol, making things also easier to automate on the website owner's side of the business and providing a reasonable set of defaults. (With LE, even Joe Six Pack can have https on their own blog).

    The big distinction is between EV and non-EV certificates.
    non-EV certs (including from classical sources, but also including Let's Encrypt and CaCerts): only guarantee (through automated means) that the website is indeed the URL it claims to be - (padlock in URL bar)
    EV certs: actual human staff is paid to check extensive legal/official paperwork to guarantee that the website belongs to a legal entity (a registered company) - (company name in URL bar).

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
    1. Re:Not worth the effort by tattood · · Score: 1

      As I've explained in the quote you're replying to, if the attacker has control of the website, they can do pretty much everything they want. At that point, getting a LE certificate is spending needless time on useless stuff that won't bring you much access beyond what you do.

      If they are able to get a LE cert and successfully MITM the site, then they can run all of their bad stuff on their own server instead of the real server. This limits their exposure to being caught, and the website owner fixing their security holes. If the website owner never sees any bad behavior in their systems, they may never know they were compromised.

      If anything, a changed certificate or even a changed authority might look conspicuous (and some power users have tools to detect exactly that).

      Websites change CAs and certificates all the time. I managed a website, and when we moved to a different hosting provider, the next cert was issued by their preferred CA and nobody complained. Unless the website owners themselves are checking their certificate, then the power users might just assume that the website changed to LE by their own decision, since LE is free, and easier than dealing with commercial CAs.

      Why set up a separate LE certificate, when they can use the actual key and rely on whatever expensive signing the site went for? (And then, for all intents and purposes, the interaction with the phish looks cryptographically exactly the same as if coming from the genuine site.

      If the website is running an SSL proxy, then the hacker cannot get the private key from the web server itself, unless they are able to jump to the proxy and hack it as well.

      --
      WTB [sig], PST!!!