Why Let’s Encrypt is a really, really, really bad idea…
-
Security through obscurity is the same as Security at Airports. It's Security Theater it's a means of trying to put on a show of security without actual security to deter people from attacking your site/airport/whatever.
I'd much rather have a cert renew on demand for free or every few days for free than to wait 2-5 years before going to check if a new cert is required.
-
@Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:
@Emad-R said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
@Emad-R said in Why Let’s Encrypt is a really, really, really bad idea…:
@Curtis said in Why Let’s Encrypt is a really, really, really bad idea…:
https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801
This guy...
Actually he makes sense to me, if you have website that is generating good revenue you should spend on SSL
Yeah I don't agree with that. The "warranties" that you get are literally useless and it's not possible to automate them. There is literally no upside to paying for one, even EV certs.
Let's not forget that the TLS certs are not for ensuring it is a safe site. It's just a way to have an encrypted channel.
What about being Unique, or unlike the rest, wont that increase security. Like changing a port of SSH, the same method your not using a service that all the rest are using like Lets Encrypt, Thus by theory more secure.
Security through obscurity? Thats not security, that just leads people into a false sense of security. Sure it takes a bit more effort on the part of the hacker, but a determined hacker doesn't really care.
The only point I really consider valid is the accountability aspect - but I'm not sure how much weight I can really give that single point. If LE is hacked, and the master key is stolen, they revoke it and start over, all of the automated systems (I hope) are able to get a new cert the next time they check in - which is very frequent typically, days/weeks normally, but at works are mere months compared to any typical CA, it could be three years if a cert was just purchased a bit before the breach.
The crl is checked immediately by the browser, and will let you know the cert is revoked. I think most web browsers will make you do a manual step to bypass that to browse a website using a revoked ssl cert, if at all.
-
@Obsolesce Yeah, which it's then onto the user who says "whelp I know this website is doing something differently, so let's just click ignore and continue".
At least with an automated cert renewal/replacement system like LE, the entire process should never get to the point where a user has to jump through these hoops.
-
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:
@Emad-R said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
@Emad-R said in Why Let’s Encrypt is a really, really, really bad idea…:
@Curtis said in Why Let’s Encrypt is a really, really, really bad idea…:
https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801
This guy...
Actually he makes sense to me, if you have website that is generating good revenue you should spend on SSL
Yeah I don't agree with that. The "warranties" that you get are literally useless and it's not possible to automate them. There is literally no upside to paying for one, even EV certs.
Let's not forget that the TLS certs are not for ensuring it is a safe site. It's just a way to have an encrypted channel.
What about being Unique, or unlike the rest, wont that increase security. Like changing a port of SSH, the same method your not using a service that all the rest are using like Lets Encrypt, Thus by theory more secure.
Security through obscurity? Thats not security, that just leads people into a false sense of security. Sure it takes a bit more effort on the part of the hacker, but a determined hacker doesn't really care.
The only point I really consider valid is the accountability aspect - but I'm not sure how much weight I can really give that single point. If LE is hacked, and the master key is stolen, they revoke it and start over, all of the automated systems (I hope) are able to get a new cert the next time they check in - which is very frequent typically, days/weeks normally, but at works are mere months compared to any typical CA, it could be three years if a cert was just purchased a bit before the breach.
The crl is checked immediately by the browser, and will let you know the cert is revoked. I think most web browsers will make you do a manual step to bypass that to browse a website using a revoked ssl cert, if at all.
Sure - that assumes the browser can reach the CRL... if it's unavilable (which supposedly is a huge problem), most if not all browsers fail to allow access by default.
And of course, this only matters once you know your key has been stolen and it's then revoked. I just heard this morning that NASA discovered an APT inside their network that's been there over a year. Now sure - NASA, a government agency, so we can't likely consider them to have good security, but still. The Bleachwood hotel chain had an APT for like 5 years (don't recall exact amount of time), etc, etc.. so the chances of finding an APT that stole your key seems less like a certainty.
-
@Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:
Sure - that assumes the browser can reach the CRL... if it's unavilable (which supposedly is a huge problem), most if not all browsers fail to allow access by default.
If the crl cannot be reached, the cert is not trusted and basically the same thing.
-
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:
Sure - that assumes the browser can reach the CRL... if it's unavilable (which supposedly is a huge problem), most if not all browsers fail to allow access by default.
If the crl cannot be reached, the cert is not trusted and basically the same thing.
No, that's definitely not true. as I said - most, if not all browsers - fail open in the case where they can't reach the crl.
https://scotthelme.co.uk/certificate-revocation-google-chrome/
-
@Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@Dashrender said in Why Let’s Encrypt is a really, really, really bad idea…:
Sure - that assumes the browser can reach the CRL... if it's unavilable (which supposedly is a huge problem), most if not all browsers fail to allow access by default.
If the crl cannot be reached, the cert is not trusted and basically the same thing.
No, that's definitely not true. as I said - most, if not all browsers - fail open in the case where they can't reach the crl.
https://scotthelme.co.uk/certificate-revocation-google-chrome/
Chrome will instead rely on its automatic update mechanism to maintain a list of certificates that have been revoked for security reasons. Langley called on certificate authorities to provide a list of revoked certificates that Google bots can automatically fetch. The time frame for the Chrome changes to go into effect are "on the order of months," a Google spokesman said.
Same thing but different. Google Chrome will be Google Chrome.
-
@Emad-R said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
@Emad-R said in Why Let’s Encrypt is a really, really, really bad idea…:
@Curtis said in Why Let’s Encrypt is a really, really, really bad idea…:
https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801
This guy...
Actually he makes sense to me, if you have website that is generating good revenue you should spend on SSL
Yeah I don't agree with that. The "warranties" that you get are literally useless and it's not possible to automate them. There is literally no upside to paying for one, even EV certs.
Let's not forget that the TLS certs are not for ensuring it is a safe site. It's just a way to have an encrypted channel.
What about being Unique, or unlike the rest, wont that increase security. Like changing a port of SSH, the same method your not using a service that all the rest are using like Lets Encrypt, Thus by theory more secure.
No that won't increase security. The security here is that the data is encrypted. Even self signed certs are secure from the fact that they encrypt the data. People conflate the encryption with the validation that the site is owned by who they think it should be owned by. The only purpose of the cert is to show the data is encrypted and there is no one between you and the other end.
Another issue with non LE certs are the lifetime. If someone gets access to your key, there's at least a year until the new key is created. LE can be as new as you want automatically.
-
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
-
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next. -
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.I'd argue that LetsEncrypt does a better job of protecting against this sort of thing. Their certs being valid for only 3 months could limit the amount of time nefarious types have to be bad. The paid certs have 2-3 years, and the revocation system is notoriously broken.
-
@travisdh1 said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.I'd argue that LetsEncrypt does a better job of protecting against this sort of thing. Their certs being valid for only 3 months could limit the amount of time nefarious types have to be bad. The paid certs have 2-3 years, and the revocation system is notoriously broken.
And I truest the EFF 1000x more than most CAs.
-
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@travisdh1 said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.I'd argue that LetsEncrypt does a better job of protecting against this sort of thing. Their certs being valid for only 3 months could limit the amount of time nefarious types have to be bad. The paid certs have 2-3 years, and the revocation system is notoriously broken.
And I truest the EFF 1000x more than most CAs.
It is not the EFF. The EFF is one of a few major supporters of the organization the runs LE.
-
I'd think the other CA's would want to create a lot of negative propaganda about let's encrypt. Seems like this is possibly the start of that
-
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.Right but that doesn't give you access to existing keys. Only newly generated keys. You can't just a steal someone's traffic because you got the CA key. And there are a ton of other security measures in place for that scenario.
-
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.Right but that doesn't give you access to existing keys. Only newly generated keys. You can't just a steal someone's traffic because you got the CA key. And there are a ton of other security measures in place for that scenario.
Right, existing certs are fine. But then you have to question which are from the real CA and which are from the impersonating CA. The impersonating CA would hand out certs with known keys so mitm attacks can occur.
-
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.Right but that doesn't give you access to existing keys. Only newly generated keys. You can't just a steal someone's traffic because you got the CA key. And there are a ton of other security measures in place for that scenario.
Right, existing certs are fine. But then you have to question which are from the real CA and which are from the impersonating CA. The impersonating CA would hand out certs with known keys so mitm attacks can occur.
I wasn't arguing that, and he never made that argument. It was solely about it being free and the hackers can get your data now.
It's not like LE isn't monitoring their FIPS140-3 HSM with the non-exportable keys stored on it. And in the event someone somehow got in, they can immediately revoke and renew and everyone will get the new key on the next check in. Vs manual certs where you would have to log in to every server and remove the certs manually and add the new ones.
-
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
-
IMHO the whole certificate business is a racket - basically a money making machine. I can't think of any other business from the top of my head that just generates a few kilobytes and gets a ton of money for it. Yes, there is some validation going on - but that's pretty easy to do.
I suppose the guy has a point in that Let's Encrypt becomes a single point of failure since it generates so many certificates, not sure if that's a good reason not to use them.
-
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
It was solely about it being free and the hackers can get your data now.
To get the data, they would have to break the encryption. That won't happen in the short time period the existing cert is valid for and is renewed. And like you said, if the CA is compromised, it's a simple fix to revoke and issue a new CA cert, and all it was responsible for.
There's really nothing more to it, I don't know why all this. That it's free has nothing to do with it's security. The number of certs issued don't matter either, they don't all come from the same issuing CA (do they?)... If so goes back to the point above anyways