Why Let’s Encrypt is a really, really, really bad idea…
-
@travisdh1 said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.I'd argue that LetsEncrypt does a better job of protecting against this sort of thing. Their certs being valid for only 3 months could limit the amount of time nefarious types have to be bad. The paid certs have 2-3 years, and the revocation system is notoriously broken.
And I truest the EFF 1000x more than most CAs.
-
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@travisdh1 said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.I'd argue that LetsEncrypt does a better job of protecting against this sort of thing. Their certs being valid for only 3 months could limit the amount of time nefarious types have to be bad. The paid certs have 2-3 years, and the revocation system is notoriously broken.
And I truest the EFF 1000x more than most CAs.
It is not the EFF. The EFF is one of a few major supporters of the organization the runs LE.
-
I'd think the other CA's would want to create a lot of negative propaganda about let's encrypt. Seems like this is possibly the start of that
-
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.Right but that doesn't give you access to existing keys. Only newly generated keys. You can't just a steal someone's traffic because you got the CA key. And there are a ton of other security measures in place for that scenario.
-
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.Right but that doesn't give you access to existing keys. Only newly generated keys. You can't just a steal someone's traffic because you got the CA key. And there are a ton of other security measures in place for that scenario.
Right, existing certs are fine. But then you have to question which are from the real CA and which are from the impersonating CA. The impersonating CA would hand out certs with known keys so mitm attacks can occur.
-
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
So I finally read this trash. How is this goon a CISSP? The CA doesn't have access to the private key on your server. That's not how CAs work. So if someone "steals the CAs key" they can't just MITM your traffic with an existing key. It's amazing that this was even published....
Regardless of the context,
If someone steals the CAs key, they can impersonate the CA. Then at that point... well I'm sure you know what's next.Right but that doesn't give you access to existing keys. Only newly generated keys. You can't just a steal someone's traffic because you got the CA key. And there are a ton of other security measures in place for that scenario.
Right, existing certs are fine. But then you have to question which are from the real CA and which are from the impersonating CA. The impersonating CA would hand out certs with known keys so mitm attacks can occur.
I wasn't arguing that, and he never made that argument. It was solely about it being free and the hackers can get your data now.
It's not like LE isn't monitoring their FIPS140-3 HSM with the non-exportable keys stored on it. And in the event someone somehow got in, they can immediately revoke and renew and everyone will get the new key on the next check in. Vs manual certs where you would have to log in to every server and remove the certs manually and add the new ones.
-
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
-
IMHO the whole certificate business is a racket - basically a money making machine. I can't think of any other business from the top of my head that just generates a few kilobytes and gets a ton of money for it. Yes, there is some validation going on - but that's pretty easy to do.
I suppose the guy has a point in that Let's Encrypt becomes a single point of failure since it generates so many certificates, not sure if that's a good reason not to use them.
-
@stacksofplates said in Why Let’s Encrypt is a really, really, really bad idea…:
It was solely about it being free and the hackers can get your data now.
To get the data, they would have to break the encryption. That won't happen in the short time period the existing cert is valid for and is renewed. And like you said, if the CA is compromised, it's a simple fix to revoke and issue a new CA cert, and all it was responsible for.
There's really nothing more to it, I don't know why all this. That it's free has nothing to do with it's security. The number of certs issued don't matter either, they don't all come from the same issuing CA (do they?)... If so goes back to the point above anyways
-
@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
That's not what the certs are for. If I buy www.ebays.co and make my site look exactly like ebay, the cert doesn't have a responsibility to ensure I'm at the real ebay site. The only thing the cert is for is to ensure my data is encrypted between my end and the remote end and that someone can't intercept it. That's the cert's only purpose.
-
@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:
IMHO the whole certificate business is a racket - basically a money making machine. I can't think of any other business from the top of my head that just generates a few kilobytes and gets a ton of money for it. Yes, there is some validation going on - but that's pretty easy to do.
I suppose the guy has a point in that Let's Encrypt becomes a single point of failure since it generates so many certificates, not sure if that's a good reason not to use them.
Right, LE breaks the "racket", as does CloudFlare. The "racketeers" push (and likely pay) for people to spread FUD as their entire business model is based on no one catching on.
-
@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
This is true.... only so far as preventing a man in the middle attack. It doesn't tell you that you selected the right person in the first place, which is how people will read that.
-
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
This is true.... only so far as preventing a man in the middle attack. It doesn't tell you that you selected the right person in the first place, which is how people will read that.
Not really. I can create a cert that says I'm [email protected] or an ssl cert for my server that says facebook.com. A browser may not trust it by default because it comes from my own CA, but that's besides the point.
-
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
This is true.... only so far as preventing a man in the middle attack. It doesn't tell you that you selected the right person in the first place, which is how people will read that.
Not really. I can create a cert that says I'm [email protected] or an ssl cert for my server that says facebook.com. A browser may not trust it by default because it comes from my own CA, but that's besides the point.
No one is discussing your own CA though. The CA mechanism is based on trusted roots.
-
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
This is true.... only so far as preventing a man in the middle attack. It doesn't tell you that you selected the right person in the first place, which is how people will read that.
Not really. I can create a cert that says I'm [email protected] or an ssl cert for my server that says facebook.com. A browser may not trust it by default because it comes from my own CA, but that's besides the point.
No one is discussing your own CA though. The CA mechanism is based on trusted roots.
I responded to certs specifically, regardless of context.
-
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
This is true.... only so far as preventing a man in the middle attack. It doesn't tell you that you selected the right person in the first place, which is how people will read that.
Not really. I can create a cert that says I'm [email protected] or an ssl cert for my server that says facebook.com. A browser may not trust it by default because it comes from my own CA, but that's besides the point.
No one is discussing your own CA though. The CA mechanism is based on trusted roots.
I responded to certs specifically, regardless of context.
Except the context is the point. The trust of the CA is the entire point of the idiotic article linked by the OP.
-
@JaredBusch said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
This is true.... only so far as preventing a man in the middle attack. It doesn't tell you that you selected the right person in the first place, which is how people will read that.
Not really. I can create a cert that says I'm [email protected] or an ssl cert for my server that says facebook.com. A browser may not trust it by default because it comes from my own CA, but that's besides the point.
No one is discussing your own CA though. The CA mechanism is based on trusted roots.
I responded to certs specifically, regardless of context.
Except the context is the point. The trust of the CA is the entire point of the idiotic article linked by the OP.
Gotcha
-
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@Obsolesce said in Why Let’s Encrypt is a really, really, really bad idea…:
@scottalanmiller said in Why Let’s Encrypt is a really, really, really bad idea…:
@ingmarkoecher said in Why Let’s Encrypt is a really, really, really bad idea…:
@stacksofplates Yes, but it's also about preventing imposters - so you know that who you're talking to is who they claim they are.
This is true.... only so far as preventing a man in the middle attack. It doesn't tell you that you selected the right person in the first place, which is how people will read that.
Not really. I can create a cert that says I'm [email protected] or an ssl cert for my server that says facebook.com. A browser may not trust it by default because it comes from my own CA, but that's besides the point.
No one is discussing your own CA though. The CA mechanism is based on trusted roots.
I responded to certs specifically, regardless of context.
And you are correct, in that context. But that's not what context we were thinking of.