[Ach] opinions on letsencrypt.org?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Nov 25 11:56:00 CET 2014

Hi Aaron--

On 11/25/2014 05:09 AM, L. Aaron Kaplan wrote:

> A couple of days ago, I stumbled across https://letsencrypt.org/.  Somehow it highly reminded me of cacert.org.
> On the other hand, they seem to be going further by automating SSL certificate creation, CSR signing etc. while doing less work on the WoT part of cacert.org.

the certificate maintenance mechanisms (see the newly-formed
acme at ietf.org mailing list where discussion is about to start) are a
*huge* win over cacert.org, as is their planned inclusion in the
pre-existing CA infrastructure (via cross-signed certs with existing
members of the CA cartel).

> Did someone here look into letsencrypt.org in more detail and could you share your impressions?
> Could this be a cacert.org version 2.0? Or a startssl.com killer? [1]

i don't think that startssl.com is in competition here.  afaict,
startssl is only free for a few certificates, under very constrained
terms of service, but letsencrypt proposes to produce DV certs for
pretty much any purpose, i think.

> More details on how it works: https://letsencrypt.org/getinvolved/, https://github.com/letsencrypt/acme-spec
> My gut feeling tells me that DANE is probably a better tech.... but so was Betamax. 
> Curious about your feedback.

I don't think that DANE and letsencrypt are in opposition -- a good
implementation might be able to use them corroboratively.

The prospect of automated cert management, updates, and renewals is
*huge*.  aside from the financial cost of issuance, one of the major
obstacles to moving to TLS on most services has been the custom
configuration and scattered scripts that people cobble together to
maintain these things.

I suspect acme needs more eyeballs and careful thinking, but having a
concrete place to focus this energy is a great contribution.

And letsencrypt's commitment to publicly logging all certificates means
that it's possible for any misissuance to be detected by the
impersonated party.  i don't know how that's going to play out once it
(inevitably) happens, though.

To be clear, i don't expect that ACME and letsencrypt will be a step up
from the reliability of existing CA-cartel-issued DV certs.  I just
expect them to be an advance in deployability and maintenance, which
means fewer excuses and more crypto.

If we can get everyone using this stuff by default, then we can start
pushing for corroborative improvements, like OCSP must-staple and DANE,
which will actually start to increase reliability (or at least detection
of misissuance) somewhat.
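The DANE corroboration the message closes with, as an added example that is not part of the original post, the ACME spec, or any DANE tool: it derives the RDATA for a DANE-EE TLSA record (usage 3, selector 1 = SubjectPublicKeyInfo, matching type 1 = SHA-256, per RFC 6698) from a certificate and checks a presented certificate against that record, so a certificate for the same name issued for a different key is rejected even if a CA signed it. The DER helpers, the sample certificate (a constructed, unsigned, certificate-shaped object with a toy 16-byte modulus) and the name www.example.net are all assumptions made here so that it runs offline.

```python
import hashlib

# DER helpers, written for this example (not from letsencrypt, ACME or any
# DANE library) so the sample runs offline without a real certificate file.

def _der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def _tlv(tag, content):
    return bytes([tag]) + _der_len(len(content)) + content

def _read_tlv(buf, pos):
    """Return (tag, content, position after the element) for buf[pos]."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:
        length, hdr = first, 2
    else:
        nbytes = first & 0x7F
        length = int.from_bytes(buf[pos + 2:pos + 2 + nbytes], "big")
        hdr = 2 + nbytes
    start = pos + hdr
    return tag, buf[start:start + length], start + length

def extract_spki(cert_der):
    """Return the DER-encoded SubjectPublicKeyInfo of an X.509 certificate.
    Walks Certificate -> tbsCertificate and skips the fields preceding the
    SPKI in RFC 5280 order: [0] version (optional), serialNumber, signature,
    issuer, validity, subject."""
    _, cert, _ = _read_tlv(cert_der, 0)
    _, tbs, _ = _read_tlv(cert, 0)
    tag, _, pos = _read_tlv(tbs, 0)
    if tag != 0xA0:          # no explicit version: that element was serialNumber
        pos = 0
    for _ in range(5):
        _, _, pos = _read_tlv(tbs, pos)
    _, _, end = _read_tlv(tbs, pos)
    return tbs[pos:end]

def tlsa_record(cert_der, usage=3):
    """RDATA for a TLSA record with selector 1 (SPKI) and matching type 1
    (SHA-256), RFC 6698. Usage 3 = DANE-EE: pin the end-entity key itself."""
    return f"{usage} 1 1 {hashlib.sha256(extract_spki(cert_der)).hexdigest()}"

def tlsa_matches(cert_der, rdata):
    """Check a presented certificate against a published '3 1 1 <hex>' record."""
    _usage, selector, matching, digest = rdata.split()
    if (int(selector), int(matching)) != (1, 1):
        raise ValueError("only selector 1 / matching type 1 handled here")
    return hashlib.sha256(extract_spki(cert_der)).hexdigest() == digest.lower()

# Constructed sample (assumption): a certificate-shaped DER object, unsigned,
# with a toy 16-byte RSA modulus. Only the structure matters to the parser.
_OID_SHA256_RSA = _tlv(0x06, bytes.fromhex("2a864886f70d01010b"))
_OID_RSA = _tlv(0x06, bytes.fromhex("2a864886f70d010101"))

def _name(cn):  # Name ::= SEQUENCE OF SET OF (commonName, UTF8String)
    return _tlv(0x30, _tlv(0x31, _tlv(0x30, _tlv(0x06, b"\x55\x04\x03") + _tlv(0x0c, cn))))

def build_spki(modulus):
    rsa_key = _tlv(0x30, _tlv(0x02, b"\x00" + modulus) + _tlv(0x02, b"\x01\x00\x01"))
    return _tlv(0x30, _tlv(0x30, _OID_RSA + _tlv(0x05, b"")) + _tlv(0x03, b"\x00" + rsa_key))

def build_sample_cert(spki):
    tbs = _tlv(0x30,
               _tlv(0xA0, _tlv(0x02, b"\x02")) +                     # version v3
               _tlv(0x02, b"\x01") +                                 # serialNumber
               _tlv(0x30, _OID_SHA256_RSA) +                         # signature alg
               _name(b"Example CA") +                                # issuer
               _tlv(0x30, _tlv(0x17, b"240101000000Z") + _tlv(0x17, b"250101000000Z")) +
               _name(b"www.example.net") +                           # subject
               spki)
    return _tlv(0x30, tbs + _tlv(0x30, _OID_SHA256_RSA) + _tlv(0x03, b"\x00" * 17))

GOOD_SPKI = build_spki(bytes(range(0xC0, 0xD0)))
GOOD_CERT = build_sample_cert(GOOD_SPKI)
# Same subject name, different key: how a misissued cert looks to a DANE-EE check.
ROGUE_CERT = build_sample_cert(build_spki(bytes(range(0x10, 0x20))))

if __name__ == "__main__":
    record = tlsa_record(GOOD_CERT)
    print("_443._tcp.www.example.net. IN TLSA", record)
    print("legit cert matches:", tlsa_matches(GOOD_CERT, record))
    print("rogue cert matches:", tlsa_matches(ROGUE_CERT, record))
```

Pinning the SPKI digest rather than the whole certificate is what lets an automated renewal keep the same TLSA record as long as the key is reused; rotating the key means publishing the new record (and, for DNSSEC-signed zones, waiting out the old TTL) before the new certificate is deployed, which is the kind of coordination an ACME client would have to handle for DANE and ACME to work together rather than against each other.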
