Slashdot Mirror


User: tepples

tepples's activity in the archive.

Stories: 0
Comments: 68,260

Comments · 68,260

  1. DDNS runs up against Let's Encrypt rate limit on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    run a dynamic dns name

    Many domains used by dynamic DNS providers are still not on the Public Suffix List. If a domain is not on the Public Suffix List, Let's Encrypt won't issue more than 20 certificates in a 7-day period for subdomains of that domain. (Source: Let's Encrypt rate limits; Ratelimit for dyndns domain) Instead, the service will produce an error message to the effect:

    Error: rateLimited :: There were too many requests of a given type :: Error creating new cert :: Too many certificates already issued for: no-ip.biz

    This means 20 other customers of the same dynamic DNS provider are likely to have already obtained their certificates before you have a chance to.
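How the rate limit in the comment above is scoped, as an added example that is not part of the original comment: Let's Encrypt reduces every name in a certificate to its "registered domain" (public suffix plus one label) using the Public Suffix List, then counts certificates per registered domain over a sliding 7-day window. A dynamic DNS provider that is on the list gives each customer hostname its own budget; one that is not shares a single budget across all of its customers. The PSL excerpt below is a constructed subset (the real list at https://publicsuffix.org/list/ also has wildcard and exception rules, not handled here), `dyn-example.biz` and `dyn-example.org` are hypothetical providers, the limit of 20 per 7 days is the figure the comment states rather than a current one, and the real rate limiter's renewal exemption is ignored.

```python
"""Added example (not from the original comment): Let's Encrypt's per-registered-domain
rate limit, scoped by a constructed Public Suffix List excerpt."""
from collections import defaultdict
from datetime import datetime, timedelta

PSL_RULES = {"com", "net", "org", "biz", "co.uk", "dyn-example.org"}  # constructed excerpt
CERTS_PER_WINDOW = 20            # figure stated in the comment above (assumption: not current)
WINDOW = timedelta(days=7)


def registered_domain(fqdn: str, rules=PSL_RULES) -> str:
    """Public suffix plus one label; the longest matching PSL rule wins."""
    labels = fqdn.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in rules:
            if i == 0:
                raise ValueError(f"{fqdn} is itself a public suffix")
            return ".".join(labels[i - 1:])
    # No rule matched: the PSL's implicit "*" rule makes the last label the suffix.
    if len(labels) < 2:
        raise ValueError(f"{fqdn} has no registrable label")
    return ".".join(labels[-2:])


class IssuanceLog:
    """Simplified model of the 'Certificates per Registered Domain' limit."""

    def __init__(self):
        self._issued = defaultdict(list)  # registered domain -> issue times

    def try_issue(self, names, when: datetime):
        domains = {registered_domain(n) for n in names}
        for rd in domains:
            recent = [t for t in self._issued[rd] if when - t < WINDOW]
            if len(recent) >= CERTS_PER_WINDOW:
                # Message shaped like the error quoted in the comment above.
                return False, f"rateLimited :: Too many certificates already issued for: {rd}"
        for rd in domains:
            self._issued[rd].append(when)
        return True, "issued"


def simulate(provider: str, customers: int = 21, gap_hours: int = 1,
             start=datetime(2018, 2, 1)) -> int:
    """Customers request certs for homeN.<provider> gap_hours apart; returns how many succeed."""
    log = IssuanceLog()
    return sum(
        log.try_issue([f"home{i}.{provider}"], start + timedelta(hours=gap_hours * i))[0]
        for i in range(customers)
    )


if __name__ == "__main__":
    for provider in ("dyn-example.biz", "dyn-example.org"):
        listed = "on PSL" if provider in PSL_RULES else "not on PSL"
        print(f"{provider} ({listed}): {simulate(provider)} of 21 customers got a certificate")
```

Spreading the same 21 customers a day apart lets the 7-day window roll over, which is the only relief an unlisted provider's customers have short of the provider applying for a PSL entry.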

  2. Re:How to use a private CA with BYOD? on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    That's a windfall to the CA industry of $50 per year times how many households?

  3. Re: If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    youtube doesn't cost me shit.

    YouTube Red is a subscription service, and some movies and series are exclusive to YouTube Red.

    Me reading a webcomic does not need encryption either.

    Only if the particular webcomic is available without charge. If the webcomic is paywalled, it needs a subscription and therefore encryption.

  4. A substantial refresh to the Mac mini or MacBook would convince me.

  5. Re:How to use a private CA with BYOD? on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    Let's Encrypt can work with only access to the DNS server. But each household would still need to buy a domain and keep it renewed.

  6. In this case, would you recommend that every householder buy a domain for the home network and keep renewing it?

  7. A browser can be configured to trust a particular CA only if the CA submits all certificates it issues to a Certificate Transparency log. I seem to remember at least Symantec being put in this penalty box.

  8. Re:If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    A Raspberry Pi is probably cheaper than even the electric power needed to keep the i486 PC running for a substantial length of time.

  9. Re:If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    Any ACME client distributed as free software, not just Certbot, can obtain certificates from Let's Encrypt. If that's not enough, what makes the distributor of your operating system or web server software "trusted" in the first place?

  10. Re:If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 2

    The web should have been fully encrypted from the start.

    With what? 40-bit keys? At the start of the web, competent encryption was considered a munition in some economically important countries.

  11. Re:If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    How would the person verifying the download securely obtain and verify the public key of the signer? Does it involve CAs, or does it involve long-distance travel to key signing parties?

  12. Re:If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    KILL JAVASCRIPT DEAD

    Have fun click-click-clicking through a server-side image map that fully reloads the page every time. Or have fun not being able to use an application at all because instead of being a web application, it was developed as a native application for an operating system other than yours.

  13. Re:If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    To achieve the above you either have to write a custom http client [...] What is possible is academic if it isn't being done.

    Except 90 percent of it has been done in existing download managers. I imagine the anti-analysis features that I described (always retrieve full-size final range and retrieve dummy ranges) are straightforward to add to a download manager. Do you need me personally to create a proof of concept in order for it to become no longer "academic"?

  14. Re: If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    Nobody cares about any entertainment that much [...] if a finance transaction does not take place, then ssl is overkill.

    Didn't "a finance transaction" set up your subscription to receive said entertainment in the first place?

  15. Re:Solution: DVD rental on Cable TV's Password-Sharing Crackdown Is Coming (bloomberg.com) · · Score: 1

    The only significant drawback is that you might have to wait a few months for the newest TV series to appear on DVD - unless you can pick them up on broadcast. Just think of it like if they had come out a few months later.

    After your co-workers have already spoiled them and closed discussion of them around the water cooler.

  16. Re:How to use a private CA with BYOD? on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 2

    I edited it out because nobody answered my previous question about practical methods of distributing the root certificate of "roll your own CA" to guests' devices.

  17. Re:Will break WiFi captive portals on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 1

    Theoretically, guest Wi-Fi should be presenting the terms in a RADIUS access challenge instead of HTTP interception anyway.

  18. all sites will start using the fake CA let's encrypt that issues certs to anyone for anything

    By the same criteria under which Let's Encrypt is a "fake CA", the vast majority of domain registrars are "fake registrars". They'll issue domains such as bankofarnerica.com to typosquatters and phishers and then not do anything until someone brings action pursuant to UDRP.

  19. Re:How to use a private CA with BYOD? on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 2

    it's probably easier just to use Let's Encrypt.

    As I wrote in my other comment, Let's Encrypt requires a fully-qualified domain name, not a 192.168 or .local.

  20. Re:If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 2

    Is it really more difficult for an adversary to sum up a bunch of 4MB chunks?

    Yes. For example, once you have the content length, you can always request the end of a roughly 4 GB file as a full 4 MB range rather than a partial chunk by seeking 4 MB before the content length. Or for an additional data cost smaller than 1 percent, you can randomly request one to ten extra chunks at various points in the file.

    Telling someone who doesn't see the point of HTTPS for x,y and z to get a new provider is probably not likely to result in a positive outcome.

    That was directed at people who do see the point "but...".
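The range plan described in this comment and in comment 13 above, as an added example that is not code from the thread: fetch the file in fixed 4 MB ranges, make the final range a full 4 MB by starting it 4 MB before the Content-Length (overlapping the previous chunk) so that no request is ever a tell-tale partial size, and add one to ten dummy full-size ranges at random offsets. Every request is then exactly one chunk long, so request sizes reveal only the chunk count, not the byte length. Assumptions: the HTTP fetch is replaced by slicing an in-memory blob of constructed test data, 4 MB is the chunk size named in the thread, and the overhead figures depend on file size (for a roughly 4 GB file the dummies stay under 1 percent; for a tiny file they do not).

```python
"""Added example (not from the original comments): a download manager's range plan
that keeps every request exactly one chunk long so the exact file size is not leaked."""
import os
import random

CHUNK = 4 * 1024 * 1024   # 4 MB, the chunk size discussed in the thread


def plan_ranges(content_length, chunk=CHUNK, rng=None):
    """Return (real, dummy) lists of inclusive (start, end) ranges, all exactly `chunk` long."""
    if content_length < chunk:
        raise ValueError("file shorter than one chunk; request it whole")
    rng = rng or random.Random()
    starts = list(range(0, content_length - chunk, chunk))  # full chunks before the tail
    starts.append(content_length - chunk)                   # tail: full size, may overlap
    real = [(s, s + chunk - 1) for s in starts]
    dummies = [(s, s + chunk - 1)
               for s in (rng.randrange(0, content_length - chunk + 1)
                         for _ in range(rng.randint(1, 10)))]
    return real, dummies


def range_header(r):
    """HTTP Range header value for an inclusive byte range (RFC 7233)."""
    return f"bytes={r[0]}-{r[1]}"


def fetch_range(blob, r):
    """Stand-in for GET with a Range header; a real server answers 206 with these bytes."""
    return blob[r[0]:r[1] + 1]


def download(blob, chunk=CHUNK, seed=None):
    """Reassemble blob from a shuffled mix of real and dummy ranges; returns (data, stats)."""
    rng = random.Random(seed)
    content_length = len(blob)                      # from Content-Length in practice
    real, dummies = plan_ranges(content_length, chunk, rng)
    requests = real + dummies
    rng.shuffle(requests)                           # dummies land "at various points"
    out = bytearray(content_length)
    for r in requests:
        data = fetch_range(blob, r)
        assert len(data) == chunk, range_header(r)  # every request is one full chunk
        out[r[0]:r[1] + 1] = data                   # overlaps rewrite identical bytes
    stats = {"requests": len(requests), "real": len(real), "dummies": len(dummies),
             "bytes_requested": len(requests) * chunk, "content_length": content_length}
    return bytes(out), stats


if __name__ == "__main__":
    blob = os.urandom(10_000)                       # constructed test data
    data, stats = download(blob, chunk=1024, seed=7)
    assert data == blob
    print(stats)
```

An observer of cleartext HTTP still sees the Content-Length in the server's response headers, so this only hides the size from someone who is counting request and response sizes, for instance on a TLS connection; it does not replace HTTPS.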

  21. Re:We all knew this was coming on Apple Plans Combined iPhone, iPad and Mac Apps To Create One User Experience (bloomberg.com) · · Score: 1

    "Merged" means not being able to run Xcode on any device.

    If Apple obsoletes Xcode, then how will there ever be any applications in its App Store? Or does Apple plan to return to the iOS 1.0-era plan of requiring third-party applications to be Progressive Web Applications?

  22. Re:How to use a private CA with BYOD? on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 2

    Similarly, BYOD on the home network should be segregated to an Internet-only guest wireless connection.

    That wouldn't help if you want to let guests print to your printer or view videos on your NAS.

  23. Changing the billions of http: links on billions of web pages to billions of other web pages, that's what.

    If your HTTPS server sends the Strict-Transport-Security header for one request, the browser will automatically rewrite subsequent requests to http: scheme URLs on the same domain to use the https: scheme instead. If you enable this long-term for all subdomains, you can get the header "preloaded", or included with the browser itself so that even the first request gets rewritten. The HTTPS Everywhere extension by EFF is an additional source of preloads.
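The rewrite behaviour described in the comment above, as an added example that is not code from the thread: a minimal model of a browser's HSTS store following RFC 6797, covering header parsing, the includeSubDomains and max-age=0 cases, preloaded entries, and the http: to https: URL rewrite (port 80 becomes the default 443, other explicit ports are left alone). Assumptions: times are plain integer seconds; `preload_eligible` encodes the preload list's published requirements as I understand them (max-age of at least one year, includeSubDomains and preload present), which should be checked against hstspreload.org before relying on it; the HTTPS Everywhere rulesets mentioned in the comment are a separate mechanism and are not modelled.

```python
"""Added example (not from the original comment): a minimal RFC 6797 HSTS store
with header parsing, expiry, preload entries and http: -> https: URL upgrading."""
from urllib.parse import urlsplit, urlunsplit

ONE_YEAR = 31536000   # seconds; assumed minimum max-age for preload submission


def parse_hsts(header: str) -> dict:
    """Parse a Strict-Transport-Security header value (RFC 6797 section 6.1)."""
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for directive in header.split(";"):
        name, _, value = directive.strip().partition("=")
        name, value = name.strip().lower(), value.strip().strip('"')
        if name == "max-age":
            if not value.isdigit():
                raise ValueError(f"bad max-age: {value!r}")
            policy["max_age"] = int(value)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
        # Unknown directives are ignored, as the RFC requires.
    if policy["max_age"] is None:
        raise ValueError("max-age directive is required")
    return policy


def preload_eligible(header: str) -> bool:
    p = parse_hsts(header)
    return p["max_age"] >= ONE_YEAR and p["include_subdomains"] and p["preload"]


class HstsStore:
    """Known HSTS hosts: host -> (include_subdomains, expiry); expiry None = preloaded."""

    def __init__(self, preloaded=()):
        self.entries = {host.lower(): (subs, None) for host, subs in preloaded}

    def note_response(self, host: str, header: str, now: int):
        """Record the policy from an HTTPS response (ignore it on plain HTTP)."""
        p = parse_hsts(header)
        host = host.lower()
        if p["max_age"] == 0:             # max-age=0 deletes the host's entry
            self.entries.pop(host, None)
            return
        self.entries[host] = (p["include_subdomains"], now + p["max_age"])

    def is_known(self, host: str, now: int) -> bool:
        labels = host.lower().split(".")
        for i in range(len(labels)):      # exact match, then each parent domain
            entry = self.entries.get(".".join(labels[i:]))
            if entry is None:
                continue
            include_subs, expiry = entry
            if expiry is not None and expiry <= now:
                continue                  # expired entry
            if i == 0 or include_subs:
                return True
        return False

    def upgrade(self, url: str, now: int) -> str:
        """Rewrite an http: URL to https: for a known host (RFC 6797 section 8.3)."""
        parts = urlsplit(url)
        if parts.scheme != "http" or not parts.hostname or not self.is_known(parts.hostname, now):
            return url
        netloc = parts.hostname
        if parts.port not in (None, 80):  # port 80 -> 443; other explicit ports kept
            netloc += f":{parts.port}"
        return urlunsplit(("https", netloc, parts.path, parts.query, parts.fragment))


if __name__ == "__main__":
    store = HstsStore(preloaded=[("preloaded.test", True)])   # hypothetical preload entry
    store.note_response("example.com", "max-age=31536000; includeSubDomains; preload", now=1000)
    print(store.upgrade("http://www.example.com:80/page?x=1", now=1001))
    print(store.upgrade("http://a.preloaded.test/", now=0))
```

The first visit to a host the browser has never seen over HTTPS still goes out in cleartext, which is exactly the gap the preload list closes.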

  24. Re:If the signature itself is tampered with on Firefox Prepares To Mark All HTTP Sites 'Not Secure' After HTTPS Adoption Rises (bleepingcomputer.com) · · Score: 2

    How to render the SHA-256 Pre-image collision attacks effectively moot: Check the Fucking File Size.

    The attack I'm concerned about doesn't involve a hash collision. The attacker who intercepts an HTTP connection can replace both the disk image with a replacement of the same size and the hash with the hash of the replacement image. And this interception (sometimes mistakenly called "transparent proxying") is much more difficult with HTTPS than with cleartext HTTP.

    This will just increase the cost of entry

    Increasing the cost of interception to where only nation-states can afford it and there's evidence if they do it anyway is the entire point of HTTPS.

  25. Forge a cert for yourself, it's not hard.

    It's a bit harder to get the devices of friends and relatives visiting your home to trust the certificate of your private CA so that they can (say) view the videos on your NAS or print to your printer. In addition, Android displays a persistent warning about "Network monitoring" if a private CA certificate is installed.