[tor-talk] Lets Encrypt compared to self-signed certs

Jonathan Wilkes jancsika at yahoo.com
Mon Feb 29 21:14:37 UTC 2016


> We don't know how large the risk of legally-compelled misissuance is,
> but we have lots of lawyers who would be excited to fight very hard
> against it.  I think that makes us a less attractive target than other
> CAs that might not find it as objectionable or have as many lawyers
> standing by to challenge it.

Hi Seth,

Seeing how the FBI/Apple debacle has given us a perfect laboratory with
which to test this hypothesis, you might want to wait for the results
before opining.

-Jonathan
 

    On Monday, February 29, 2016 3:21 PM, Seth David Schoen <schoen at eff.org> wrote:
 

 bancfc at openmailbox.org writes:

> How secure is Lets Encrypt compared to a pinned self signed cert?
> Can Lets Encrypt be subverted by NSLs?

You can use pinning with Let's Encrypt certs too.  The default client
behavior changes the subject key on every renewal, but I can add a
feature to keep the old key if you want to pin at the key level.

We don't know how large the risk of legally-compelled misissuance is,
but we have lots of lawyers who would be excited to fight very hard
against it.  I think that makes us a less attractive target than other
CAs that might not find it as objectionable or have as many lawyers
standing by to challenge it.

Remember that (without CA-level pinning) users are always at risk
from misissuance by any CA that they trust, not just the CA that
you specifically chose to use.  For example, google.com was attacked
(successfully at first) with misissued certs from DigiNotar even though
Google had no relationship with DigiNotar at all.

We also publish all of the certs that we issue in Certificate
Transparency.  You can watch the CT logs for your domain or other certs
that you care about.  If you ever see a cert in CT for your domain
that you didn't request, please make a big deal out of it.  Likewise,
if you ever see a valid cert in the wild from Let's Encrypt that doesn't
appear in the CT logs, please make a very big deal out of it.  At some
point it should become possible to get browsers to require inclusion CT
proofs for certs from Let's Encrypt, though we don't have the tools in
place for this yet.

-- 
Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                      https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109      +1 415 436 9333 x107
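
The point in the thread about pinning at the key level, as an added example that is not part of the original messages or of the Let's Encrypt client: it compares a key-level pin (hash of the SubjectPublicKeyInfo) with a certificate-level pin across a renewal. The host name `example.test`, the helper names, and the self-signed certificates standing in for CA-issued ones are all assumptions made for the illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func newKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }

// issue returns a constructed self-signed cert for example.test, standing in
// for a CA-issued one: only the subject key and serial matter for pinning.
func issue(key *ecdsa.PrivateKey, serial int64) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: "example.test"},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(90 * 24 * time.Hour),
	}
	der := must(x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key))
	return must(x509.ParseCertificate(der))
}

// pin is base64(SHA-256(b)). Over RawSubjectPublicKeyInfo it is a key-level
// pin; over Raw (the whole certificate) it is a certificate-level pin.
func pin(b []byte) string {
	sum := sha256.Sum256(b)
	return base64.StdEncoding.EncodeToString(sum[:])
}

func main() {
	k := newKey()
	first, kept, rotated := issue(k, 1), issue(k, 2), issue(newKey(), 3)
	fmt.Println("key kept: key pin holds =", pin(first.RawSubjectPublicKeyInfo) == pin(kept.RawSubjectPublicKeyInfo), "cert pin holds =", pin(first.Raw) == pin(kept.Raw))
	fmt.Println("key rotated: key pin holds =", pin(first.RawSubjectPublicKeyInfo) == pin(rotated.RawSubjectPublicKeyInfo))
}
```

A renewal that keeps the subject key leaves the key-level pin valid while the certificate-level pin breaks; a renewal that generates a new key breaks both.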