back to article Let's Encrypt gets automation

Hoping to expand the pool of Let's Encrypt testers, TrueCrypt audit project co-founder Kenneth White has run up a set of scripts to automate the process of installing certificates under the Mozilla-backed open CA. White, co-director of the Open Crypto Audit Project, has posted the work at Github, here. He explains that the …

  1. tom dial Silver badge

    Why?

    Why should I trust a certificate from Lets' Encrypt more than I do one from any of the other authorities that come with my browser? I do so because I must trust some of them in order to engage in commercial transactions on the internet, and without a good deal of labor cannot determine from which of them I might choose to remove trust without disrupting that. In trusting them I am, in fact, trusting whoever packaged the in-use browser, whether Google, Mozilla, or some other, whom I have no real reason to trust. A quick examination shows that the first few in this browser expired earlier this year, and the next few were issued long enough in the past that I doubt their key length despite the fact they are marked for expiration more than 20 years in the future. Over the last few years, I have had to remove trust from some when they were compromised and fake certificates were issued using their signatures. The whole arrangement strikes me as shaky, and it is not obvious that adding a new CA will bring a large, or even measurable, improvement.

    1. A Known Coward

      Re: Why?

      You're confusing the purpose of Let's Encrypt. The project has nothing to do with increasing trust in certificate authorities.

      Which doesn't mean you cannot trust Let's Encrypt, only that if you're looking for a solution to the trust problem then you need to re-invent the whole certificate system. LE is about giving everyone access to certificates free of charge, with no strings, no 'revocation fees' and no limits to the number of certificates you can deploy. It's about removing the barriers to deployment even on the lowliest website and thus bringing about the long overdue age of complete encryption to the internet.

      Aside from issuing certificates, the project also comes with a suite of tools which will properly configure your server to use the best possible TLS configuration, which alone makes it extremely valuable. Many servers still offer outdated or incomplete configs which are no longer secure, LE is offering a one-click solution that handles the whole process for you.

      There are plenty of other projects and solutions attempting to solve the 'trust' issue, including Public Key Pinning - although you still have to trust the browser and intermediate proxies, and let's face it, if you cannot trust those then no amount of encryption is meaningful.

      1. LDS Silver badge

        Re: Why?

        And that's a big mistake. Certificates means authentication first and encryption second. Encrypting without proper authentication is useless. Yes, you encrypt, while communicating with who?

        This is just alike the abysmal state of domain registration. Crooks can easily get millions of domains, including those very close to legitimate ones. Allow them to easily get certificates also and everything becomes useless to protect users.

        The whole PKI architecture was designed with a proper vetting procedure before releasing a certificate in mind. Without it, it can't work. Actually, EFF & C. aren't making communications more secure, they're making them less secure.

        1. Anonymous Coward
          Anonymous Coward

          Re: Why?

          That's what extended validation certificates are for. You will simply not be able to get an EVC for payzpal.com

          Free domain-only certificates are part of the carrot-and-stick approach to depreciating non-secure HTTP entirely.

          Now go on, argue with a straight face how unencrypted AND unauthenticated is more secure than domain-only authentication + encrypted. The only people upset about this are the certificate sellers who's money-for-nothing gravy trains are about to be derailed.

          1. LDS Silver badge

            Re: Why?

            And do you believe most internet users know the difference? You can do encryption without certificate, for the matter, it's just TLS was designed around certificates because it implies authentication. Actually, they're crippling TLS because they're driven by a political agenda instead of a technical one.

            They're making MITM easier, because they're blindly charging government snooping. Guess those same agencies are applauding they're naivety. Most less known business and people are at risk of fake certificates, paypal not, but what about your local bank and businesses? Do you believe bad encryption is so different of no encryption? False sense of security can be very dangerous.

            Certificates seller will only get a boost by a flood of useless, dangerous certificates.

            1. Anonymous Coward
              Anonymous Coward

              Re: Why?

              There are two issues. You're arguing that encryption doesn't insure identity, and we know that, and we don't care*. We're arguing that encryption will prevent your ISP, your government, and/or some 3rd-party from reading your traffic. That's all this new, free CA will do.

              * really, we don't, because real, charge-what-the-market-will-bear CA's have been delisted for improperly issuing certificates. This is an ongoing, yet separate, problem (see Google's recent ultimatum to Symantec) and you'll never solve both of them at once.

              1. LDS Silver badge

                Re: Why?

                No, a free CA will just make easier to obtain a fake certificate for somebody's else site if no vetting procedure is in place before releasing a certificate. It actually make snooping *easier*. Again, encryption is useless if you can't check whom you're really talking to.

                And what happen, if say MS, removes this CA from its list of CAs because it's releasing "bad" certificates? Sure, EFF, Mozilla and so on will start to whine.

                Moreover, your private key needs to be stored *on your server* to be accessible by your web/mail server etc. Guess how many private keys stored on lame hosting or badly configured servers will be easily accessible to governments, etc.? Do you believe GoDaddy & C. will not handle keys to FBI/NSA/GHCQ and so on?

                1. Confused Vorlon

                  Re: Re: Just another attempt

                  > No, a free CA will just make easier to obtain a fake certificate for somebody's else site if no vetting procedure is in place before releasing a certificate.

                  You can't get a certificate for somebody else's site. You have to demonstrate that you control the domain.

                2. A Known Coward

                  Re: Why?

                  > No, a free CA will just make easier to obtain a fake certificate for somebody's else site if no vetting procedure is in place before releasing a certificate. It actually make snooping *easier*.

                  Why don't you go read up on the project before you say anything more? Let's Encrypt's validation/verification procedures are far stricter and more robust that every large CA I've dealt with. Additionally their process is automated removing the possibility for user error - the system simply won't issue a certificate for a domain for which you cannot prove possession (* though not ownership, this is no different to any other CA).

  2. Stuart 22 Silver badge

    Secure financial transactions are one thing, not having your WordPress or forum login sent in plain text is another. Indeed nothing private should be sent in plain text (listening el reg?). But at the bottom non-commercial level you are not going to get usable encryption unless it is free or nearly free.

    That's what let's encrypt is about. How the big boys earn trust is another. EV seems to work. The education of users when to demand EV is another matter. Not sure how we can crack that.

    1. LDS Silver badge

      You don't really need a certificate to encrypt a channel with a session key. Algorithms like Diffie-Hellman work perfectly without a certificate. Just, the designer of SSL/TLS understood that without authentication of the parties, you can't really be sure who Bob is, if you don't have any mean to check it.

      Certificates are there to ensure Bob is really Bob. Once anybody can ask a certificate for Bob and no one checks if he's really Bob, well, basically you're removing the protection offered by certificates. They're downgrading TLS security, and can't see the consequences, just to say "take that, NSA!". Childish.

      1. Anonymous Coward
        Anonymous Coward

        D-H is also useless against a MITM because Mallory can just bridge two separate connections together and pretend to be the opposite connection each way. As for seeing if Bob is really Bob, that goes to the intractable First Contact Problem. Because Alice has no frame of reference, she has no true way to know Bob is really Bob (not even in a face-to-face encounter), and you can't rely on a Trent for the same reason (Is Trent really Trent, ad infinitum?) At some point, you're going to have to choose: take the plunge or get off the Net, because what you're arguing is basically that.

      2. chasil

        key verification

        You can use the stunnel utility to verify a specific key.

        You can extract the public key from a TLS session using a variety of means, and record it to a file. It will look like this:

        -----BEGIN CERTIFICATE-----

        MIID/TCCAuWgAwIBAgIJALT/9skCvdR5MA0GCSqGSIb3DQEBCwUAMIGUMQswCQYD

        ...

        -----END CERTIFICATE-----

        Then you configure stunnel with something like this:

        echo 'FIPS = no

        client = yes

        verify = 4

        cafile = /path/to/publickey.pem

        [client-https]

        accept = 127.0.0.1:65432

        connect = your.remote.server.com:443' > stunnel-verify.conf

        Then run stunnel with that configuration, and it will refuse to connect to any server that does not have the correct private key.

        Your local client will need to make a plaintext connection to port 65432 on localhost. If the connection is successful and the remote server responds, you can be sure that the remote keypair has been verified.

  3. Anonymous Coward
    Anonymous Coward

    "Certificates are there to ensure Bob is really Bob" -- LDS

    I understand what you are saying in terms of worrying that this is weakening TLS, but the weakness was already there. Users have to realise what it is that they are using to trust that Bob is Bob. You don't have to install a LE root cert (or keep one installed), after all.

    There's a lot of other good reasons to encrypt the entire web than 'sticking it to the NSA' One of these is that access to other peoples credentials and web content is often a big security risk in itself --- probably bigger than the MITM risks we are talking about.

    In the end people will have to learn that it isn't just 'padlock or no padlock' but that they need some indication of certificate quality. We could certainly do with speeding up DNSSEC for example. But I don't think Lets Encrypt really weakens TLS --- rather it makes people aware of the weaknesses inherent within it (and any digital certificate scheme).

    1. Anonymous Coward
      Anonymous Coward

      "In the end people will have to learn that it isn't just 'padlock or no padlock' but that they need some indication of certificate quality. We could certainly do with speeding up DNSSEC for example. But I don't think Lets Encrypt really weakens TLS --- rather it makes people aware of the weaknesses inherent within it (and any digital certificate scheme)."

      But what if the Average Joe is just plain too apathetic to care? IOW, what if the minimum necessary level of security is just too much hoop-jumping for them: basically a bridge too far? Like settling for dead bolts and not caring about cinder blocks through windows?

  4. Anonymous Coward
    Anonymous Coward

    Free != Incompetent

    Nice that you're slandering Let's Encrypt by claiming that they'll issue certs for domains you don't own.

    From what I've seen their procedures look tighter than many high price CA.

    I guess you have your agenda whatever it is.

  5. Joe Harrison

    same old

    I don't see the point. Let's Encrypt seem to be the latest in a series of other free CAs. For example www.cacert.org have been around for years and I never see sites using their certs. You can get a "real" SSL certificate in the free to 10 dollar range so why Let's Encrypt?

    1. Anonymous Coward
      Anonymous Coward

      Re: same old

      No, not same old.

      Cacert root isn't included in browsers so it's as useless as self-signed.

    2. A Known Coward

      Re: same old

      One crucial difference, aside from the one about LE being trusted by all browsers, is that LE are shipping a one-click solution that can be integrated by shared hosting provider or run as a standalone application on the server. It generates the keys, requests and downloads the certificate and configures the server for you - meaning you don't need to know how to do these things yourself. That has always been a barrier for many smaller sites, the need to go through a multi-step process including manual configuration changes and LE addresses that.

  6. phil dude
    Coat

    a no-sudo version...

    Here is a github project which allows you to achieve the same thing but without letting some unknown script run as root and mess with your system.

    This is something that needs to happen, one way or another....

    El Reg, fancy showing is how its done?

    P.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2022