[Ach] Let's Encrypt + TLSA, DANE, HPKP, ... - was: bettercrypto.org certificate has expired today

Gunnar Haslinger gh.bettercrypto at hitco.at
Wed Mar 8 16:53:01 CET 2017

Am 2017-03-08 16:32, schrieb Hanno Böck:
> This is one of the reasons why these days I tend to advise against HPKP
> with the exception of high risk sites. There's just far too much that
> can go wrong with HPKP.

Several possibilities to handle this risk:

Use Let's Encrypt with your custom CSR, recycle your CSR when renewing 
(which means reusing the KeyPair). No changes in TLSA-Records or HPKP 
needed, because stable Keypair.

If you used the certbot to create everything for you, you can still 
switch to CSR-Mode as long as you have access to your 
Pub/Priv-RSA-Keypair of your current certificate.

When you like to Change the Keypair:
1) do it early, so you have time to insert additional HPKP and TLSA 
2) do it with the prepared spare-Key. HPKP enforces you to have a 
Backup-Keypair, only pinning one PubKey doesn't work, RFC says you have 
to have at least one Backup Key pinned which is currently unused. 
Browsers don't enforce the HPKP-mechanism if you don't use an unused 
Backup-Key (at least I checked this with Chrome and Firefox).

But I agree with Hanno: If you feel uncomftable to handle this 
technology right, better don't use it. High chance something goes wrong, 
because not doing it the right way.

More information about the Ach mailing list