Hm, apparently #letsencrypt now provides more than 50% of the web certificates.
On one hand: FUCKING AWESOME.
On the other: Shit. They're getting very powerful and we are centralizing our trust. I think we could really use 2-3 new orgs like Letsencrypt, with similar technology and mission statement, but entirely independent.
Are there any out there yet?
@Michcioperz @thunfisch Yeah, but they weren't centralised to the degree that *one* CA had so much influence.
@rixx perfectly explained the point I was trying to make.
@rixx @Michcioperz @thunfisch they were centralized w.r.t. integrity - every CA was a single point of failure. You compromise any of them, and you pwn every TLS connection.
OTOH, they were not centralized with regard to availability - if one of them decides to censor you, you go find another one.
If everyone uses letsencrypt, it'll be centralized in both aspects. The chance of your MITM will not increase, I'd even say it'll decrease. OTOH, it'd be easier to prevent somebody from ever getting a cert.
@thunfisch @alcinnz the biggest factor is "do the popular browsers trust the CA?". You can make your own cert (self sign), there are 3rd parties who will give a free cert, and have been for years. But if most regular users see big scary ssl warnings (which they should!), then it's a nonstarter alas....
yep. If a CA is not in the browsers' trust store it is pretty much useless for general purpose, because people will be scared that 1337-h4xX0rs are in their computers.
I was asking about any CAs like LE, that are trusted by most browsers so that people don't panic when I use it on a public site.
IMO #LetsEncrypt has 2 big benefits, (a) free certs! (b) really easy to use. Seriously just run a command and it will make your Apache conf right. I'm a sysadmin, and I use LE, even when there's a paid for cert available, because it's just much much easier.
The free part is a biggie, and LE was first with widespread support. But other ssl vendors could work on the UI, could implement ACME, and make the experience as good. That might help
@ebel @thunfisch @alcinnz I'm most definitely not a sysadmin, and I use LE with acme.sh, because even a non-sysadmin can (with some difficulty) successfully deploy it on a small personal website with no root access.
@thunfisch didn't notice this power center.
@thunfisch Using a CA doesn't mean you trust that CA, just getting a cert signed by them doesn't give them the ability to do anything they can't already do anyway.
@vi when a single CA gets that big it is even less trivial to remove them from the default trust store (i.e. browsers).
Try removing LE when they provide 90% of the world's website certificates and they start doing weird shit. You would pretty much instantly break the web. Therefore all the people who are using letsencrypt are trusting LE not to do stupid shit and accepting that they get this big.
Don't get me wrong - I love LE and what they are doing for the web. But I sense some dangers.
@thunfisch we've already seen how removing large CAs works with StartCom and Symantec, trusting and distrusting certs based on the issue date rather than wholesale removing them. The CA model is broken from top to bottom, using or not using LE doesn't change anything.
@thunfisch I actually hope LE does get too big and break most of the Web. It might give browsers the kick they need to move to a different system, eg. Convergence
@thunfisch @vi They can refuse to give you a cert. And with browser vendors forcing users to jump through additional hoops in order to be able to accept self-signed certs, or certs from an untrusted CA, that's a problem. Imagine living in a country that's embargoed by the US.
Also, the browser vendors are the de facto gatekeepers on the CA market (they control the trusted CA list being shipped), and at least Google and Mozilla are Let's Encrypt sponsors at the same time.
@thunfisch Yes, there's a disaster waiting to happen:
- browsers are slowly deprecating http (or make it scary)
- cert providers are pushing for increasingly shorter expiry dates
- #letsencrypt usage is based on a TOS, in which they reserve the right to terminate any account as they wish.
With these 3 things combined, letsencrypt is building yet another ON/OFF switch for the web and other networked services.
Hopefully more, from different jurisdictions, will jump in and provide alternatives.
@thunfisch Wow, where did you see that 50% stat? The power issue is significant, but I worry about what would happen to the web if LE were to fail or get attacked.
@thunfisch thanks, and it looks like the data is here https://nettrack.info/ssl_certificate_issuers.html
@thunfisch How about putting a self-signed/web-of-trust-like cert into DNS? And I think with that as a goal, centralizing to an NPO as a first step seems a discussable idea.
@thunfisch CAcert? http://cacert.org/ It has provided gratis certificates and a nice automatic interface for a long time.
@clacke @ebel @edsu @thunfisch @Michcioperz @pettter Well, if you want a CA-less system, there is DANE, which actually works.
@bortzmeyer
Except that it's poorly supported by web browsers, the original preoccupation
@clacke @ebel @edsu @thunfisch @Michcioperz @pettter
EFF, Linux Foundation, and Mozilla have all thrown their funding behind letsencrypt - short of FSF, what other NFP would fund a CA?
That those orgs are supporting it does give LE some accountability and therefore trustworthiness.
But monopolies are obviously bad, soo... It takes major buy-in from the 4 major browser vendors, and 3 main OSes - who can pull that off without major funding?
@kit_darko @thunfisch RIGHT. I do think there are a plethora of NFPs that would be potentially *interested* -- like http://sdf.org , some Wikimedia chapters, https://signalfoundation.org/ , https://www.accessnow.org/ , https://renewablefreedom.org , and http://stumptownsyndicate.org/ , for example. But I'm skeptical about where sustained funding would come from -- then again I'm not 100% clear on how much it takes to run LE now that it's been initially developed & tested.
@thunfisch
Before, there was more or less only a single CA that would issue certificates for free, StartCom, so it was still a monopoly before
@thunfisch maybe they should voluntarily split up...
@thunfisch you can spin up your own entire letsencrypt stack, the only problem will be getting people to accept the certs you sign.
@thunfisch The "web of trust" is broken and centralized by design because you can't simply "open" a CA. You need to be trusted by some other CA that has been around for quite some time, because otherwise old devices will mark your page as insecure since your certificate chain does not lead to any known "trust anchor" they already know.
Instead of opening more CAs we really need a solution that is encrypted and trustless by default.
@thunfisch @thomas There was still #cacert who began with web of trust. But the CA isn't in any browser by default.
They have to implement the ACME protocol and have to audit their CA.
@thunfisch Certificates and the trust they provide is based on a centralized tech. To change that would mean replacing the entire tech (a good idea imho). Also, as we have learned previously, it takes just one "bad" authority to fuck up everything for everyone, so I'm leaning towards "less is more" in this case.
@thunfisch per usual, the problem is in usability. We can add our own/trusted certs and cert authorities to the browser's trust chain, but the last time I looked it takes > 5 clicks https://ram.k0a1a.net/self-signed_https_cert_after_chrome_58#add_cert_to_the_browser
@thunfisch Well… other CAs just have to adopt the standardized ACME protocol and offer free certs. That's not so hard, but they have not done so yet.
@thunfisch I'd love to know too.
@thunfisch
I'm really hoping to see an increase in adoption of DANE, which circumvents the whole need for certificate authorities
it requires trust in your domain registrar instead, but we have lots of those
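The DANE mechanism mentioned in the two posts above (L35 and this one) boils down to publishing a hash of the server's key in a DNSSEC-signed TLSA record and having the client compare it against what the server presents in the handshake. The following is an added example, not code from the original thread or from any DANE implementation: it builds a DANE-EE TLSA record (usage 3, selector 1, matching type 1, as in RFC 6698) from a SubjectPublicKeyInfo and checks a presented key against it using only the Python standard library. The 32-byte public key is a constructed placeholder wrapped in the Ed25519 SPKI DER envelope, not a real server key, and the `_443._tcp.example.invalid.` owner name is illustrative.

```python
"""Added example (not from the original thread): building and checking a
DANE TLSA record (RFC 6698) with only the standard library.

The 32-byte public key below is a constructed placeholder, not a real
server key; the DER prefix wraps it as an Ed25519 SubjectPublicKeyInfo.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed sample key (deterministic bytes 0..31) inside the DER SPKI
# envelope for Ed25519 (OID 1.3.101.112):
#   SEQUENCE(42) { SEQUENCE(5) { OID 1.3.101.112 } BIT STRING(33) { 0x00, key } }
SAMPLE_PUBKEY = bytes(range(32))
SAMPLE_SPKI = bytes.fromhex("302a300506032b6570032100") + SAMPLE_PUBKEY


@dataclass(frozen=True)
class TLSA:
    usage: int      # 3 = DANE-EE: pin the end-entity key itself, no CA involved
    selector: int   # 0 = full certificate DER, 1 = SubjectPublicKeyInfo DER
    matching: int   # 0 = exact bytes, 1 = SHA-256, 2 = SHA-512
    data: bytes     # "certificate association data"

    def to_rdata(self) -> str:
        """Presentation format as it would appear in a zone file."""
        return f"{self.usage} {self.selector} {self.matching} {self.data.hex()}"

    @classmethod
    def from_rdata(cls, text: str) -> "TLSA":
        usage, selector, matching, *hexparts = text.split()
        return cls(int(usage), int(selector), int(matching),
                   bytes.fromhex("".join(hexparts)))


def association_data(selector: int, matching: int, spki_der: bytes,
                     cert_der: Optional[bytes] = None) -> bytes:
    """Apply the selector, then the matching type, exactly as a DANE
    validator does to the certificate the server presents in the handshake."""
    if selector == 1:
        selected = spki_der
    elif selector == 0:
        if cert_der is None:
            raise ValueError("selector 0 needs the full certificate DER")
        selected = cert_der
    else:
        raise ValueError(f"unknown selector {selector}")
    if matching == 0:
        return selected
    if matching == 1:
        return hashlib.sha256(selected).digest()
    if matching == 2:
        return hashlib.sha512(selected).digest()
    raise ValueError(f"unknown matching type {matching}")


def make_tlsa(spki_der: bytes, usage: int = 3, selector: int = 1,
              matching: int = 1, cert_der: Optional[bytes] = None) -> TLSA:
    """Record the operator publishes at _<port>._tcp.<host> (must be DNSSEC-signed)."""
    return TLSA(usage, selector, matching,
                association_data(selector, matching, spki_der, cert_der))


def tlsa_matches(record: TLSA, spki_der: bytes,
                 cert_der: Optional[bytes] = None) -> bool:
    """Client side: does the presented key/cert match the published record?

    A real validator must obtain the record through DNSSEC validation;
    without that the record is just an unauthenticated hint."""
    try:
        expected = association_data(record.selector, record.matching, spki_der, cert_der)
    except ValueError:
        return False  # unusable record: treat as no match
    return hmac.compare_digest(record.data, expected)


if __name__ == "__main__":
    rec = make_tlsa(SAMPLE_SPKI)
    print("_443._tcp.example.invalid. IN TLSA", rec.to_rdata())
    print("presented key matches:", tlsa_matches(rec, SAMPLE_SPKI))
    tampered = SAMPLE_SPKI[:-1] + bytes([SAMPLE_SPKI[-1] ^ 0x01])
    print("tampered key matches:", tlsa_matches(rec, tampered))
```

The trust shift the posts describe is visible in the code: with usage 3 nothing in the check refers to an issuer or a trust store, so the only thing standing between the client and a forged key is the DNSSEC chain from the root through the TLD to the zone, which is why the record is worthless if it is fetched without validation.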
@thunfisch Cloudflare hands out free SSL certificates too, but you are bound to using their CDN and DNS.
@thunfisch
At least Let's Encrypt defined an open protocol that any CA may replicate.
@thunfisch @scanlime that is a massive project, and tbh I have no idea how LE even got off the ground.
@thunfisch where'd you get the numbers? 50 % is amazing!
@thunfisch CAs were always centralized tbh. It takes a lot of trust and shit