Most active commenters
  • karel-3d(4)
  • account42(4)
  • _betty_(3)
  • JoshTriplett(3)

←back to thread

Let's Encrypt is 10 years old now

(letsencrypt.org)
489 points gslin | 49 comments | 20 Nov 24 06:13 UTC | HN request time: 0.003s | source | bottom
Show context
mrtksn ◴[20 Nov 24 07:49 UTC] No.42191644[source]
Hands down one of the greatest services out there, stopped a racket and made the internet secure.

I remember a time when having an HTTPS connection was for "serious" projects only because the cost of the certificate was much higher than the domain. You go commando and if it sticks then you purchase a certificate for a 100 bucks or something.

replies(5): >>42191676 #>>42192385 #>>42192827 #>>42192905 #>>42193198 #
1. dachris ◴[20 Nov 24 07:55 UTC] No.42191676[source]
There's still enough people out there who don't know better, manually (or auto-renew) purchasing new a certificate every year from their hosting provider like it's 2013.
replies(7): >>42191711 #>>42191799 #>>42191800 #>>42191829 #>>42191872 #>>42191976 #>>42192618 #
2. mrtksn ◴[20 Nov 24 08:04 UTC] No.42191711[source]
AFAIK there's things like Extended Validation Certificate Verification that used to make the browser address bar look more trustworthy by making it green but I don't know if its still a thing. At least in Safari, I don't see a green padlock anywhere.
replies(7): >>42191763 #>>42191765 #>>42191791 #>>42191856 #>>42191904 #>>42192021 #>>42192314 #
3. Systemmanic ◴[20 Nov 24 08:16 UTC] No.42191763[source]
Chrome and Firefox removed the extra UI stuff for EV certs in 2019:

https://groups.google.com/a/chromium.org/g/security-dev/c/h1...

https://groups.google.com/g/firefox-dev/c/6wAg_PpnlY4

4. sureIy ◴[20 Nov 24 08:16 UTC] No.42191765[source]
Yeah that also stopped being a thing. I'm really happy how Chrome and then other browsers gradually shifted the blame to insecure websites rather than highlighting "secure" ones.

You'll still find people online clamoring EV certificates are worth anything more than $0 but you can ignore them just as well.

5. mrweasel ◴[20 Nov 24 08:21 UTC] No.42191791[source]
I remember our boss really wanted that green bar, so we got an extend validation certificate. What we had failed to realise is that they would only be issued to the actual legal name of your company, but not any other names you may be operating under. We had a B2C webshop, where we wanted the ev-cert, but because the B2C side of the business wasn't it's own legal entity, the cert we go issued was for our B2B name, which none of our customer customers knew and it looked like a scam.

The only good thing dealing with certificate resellers at the time was that they where really flexible in a lot of ways. We got our EV cert refunded, or "store credit" and used the money to buy normal certificates.

6. yread ◴[20 Nov 24 08:23 UTC] No.42191799[source]
Unfortunately, the code signing certificates work pretty much the same way
7. irjustin ◴[20 Nov 24 08:23 UTC] No.42191800[source]
Related point - we interface with Singapore gov services (MYINFO).

They don't recognize LE nor AWS's certs. Only the big paid ones. Such an annoying process too - to pay, to obtain and update the certs.

replies(2): >>42191851 #>>42192299 #
8. ta1243 ◴[20 Nov 24 08:28 UTC] No.42191829[source]
Our company bans the use of letsencrypt because of the legal terms. Nobody at the CxO level will sign off on it, so we end up paying whatever to globalsign.
replies(1): >>42191898 #
9. tialaramex ◴[20 Nov 24 08:33 UTC] No.42191851[source]
I guess the good thing there is that it's absolutely transparent that this is just a way to make you pay somebody else. Like the Jones Act (Merchant Marine Act, but everybody just calls it the Jones Act). The US government doesn't get a slice if you want to buy ships to move stuff from one part of the US to another, but it does require that you buy the ships from an American shipyard, and so those yards needn't be internationally competitive because the US government has their back.

Nobody is like "Oh, the Jones Act ensures high quality ships" because it doesn't, the Jones Act just ensures that you're going to use those US shipyards, no matter what.

10. bux93 ◴[20 Nov 24 08:34 UTC] No.42191856[source]
Chrome 77 removed the prominent green EV badge. "A series of academic research in the 2000s studied the EV UI in lab and survey settings, and found that the EV UI was not protecting against phishing attacks as intended. The Chrome Security UX team recently published a study that updated these findings with a large-scale field experiment, as well as a series of survey experiments." [1]

Extended Validation can still play a role in a corporate's IT control framework; the extended validation is essentially a check-of-paperwork that then doesn't need to be performed by your own auditor. Some EV certificates also come with some (probably completely useless) liability insurance.

[1] https://chromium.googlesource.com/chromium/src/%2B/HEAD/docs...

replies(1): >>42191981 #
11. technion ◴[20 Nov 24 08:36 UTC] No.42191872[source]
I deal with multiple enterprise applications where idea of scripting a renewal involves playing with scripting headless Chrome.

I'm really not a fan of it but I'm happier paying for a one year cert than doing that

replies(1): >>42191950 #
12. seszett ◴[20 Nov 24 08:40 UTC] No.42191898[source]
What legal terms do they find objectionable?

What about ZeroSSL, which is basically interchangeable with Let's Encrypt?

13. Propelloni ◴[20 Nov 24 08:40 UTC] No.42191904[source]
They are still there, but most browsers don't do anything with it anymore since 2019, when Firefox and Chrome stopped caring.

There are some scenarios where you still have to employ EV certificates, e.g. code signing.

14. yurishimo ◴[20 Nov 24 08:48 UTC] No.42191950[source]
Sorry if this is a dumb question, but why? If I'm not mistaken, Let's Encrypt supports validation via DNS now so you don't even need to have a working webserver to issue a certificate. Automating a script to perform a renewal should be much simpler than headless Chrome!

If your DNS provider doesn't have an API, that seems like a separate issue but one that is well worth your organization's time if you're working in the enterprise!

replies(3): >>42191989 #>>42192076 #>>42192621 #
15. karel-3d ◴[20 Nov 24 08:54 UTC] No.42191976[source]
I have dealt with banking environment when they required SSL with at least 1-year validity on the callback API URL. Which excluded Let's Encrypt.

We were looking for a SSL provider that had > 1 year old certs AND supported ACME... for some reason we ended up with SSL.com that did support ACME for longer lasting certs; however, there was some minor incompatibilities in how kubernetes cert-manager implemented ACME and how SSL.com implemented ACME; we ended up debugging SSL.com ACME protocol implementation.

Fun. We should have just clicked once per 3 years, better than debugging third parties APIs.

No, I don't remember the details and they are all lost in my old work emails.

(Nowadays I think zerossl.com also supports ACME for >1 year certs? but they did not back then. edit: no they still don't, it's just SSL.com I think)

replies(3): >>42192077 #>>42192133 #>>42197885 #
16. duskwuff ◴[20 Nov 24 08:55 UTC] No.42191981{3}[source]
> Some EV certificates also come with some (probably completely useless) liability insurance.

Warranties / insurance on SSL certificates typically only pay out if a certificate is issued improperly, often in conjunction with other conditions like a financial loss directly resulting from the misissuance. Realistically, any screwup serious enough to result in that warranty paying out would also result in the CA being abruptly removed from browser root certificate programs.

replies(2): >>42192204 #>>42197508 #
17. patrakov ◴[20 Nov 24 08:56 UTC] No.42191989{3}[source]
I guess it is not about renewal but about certificate deployment.
18. _betty_ ◴[20 Nov 24 09:02 UTC] No.42192021[source]
they were also pretty bad for performance due to the extra lookup (and reduction in caching)
replies(1): >>42192187 #
19. blipvert ◴[20 Nov 24 09:12 UTC] No.42192076{3}[source]
You can set up the _acme-challenge (or whatever it is)as a CNAME to point to a domain which does support an API for automating the renewal

(looking in to setting this up for a bunch of domains at work)

20. JoshTriplett ◴[20 Nov 24 09:12 UTC] No.42192077[source]
> I have dealt with banking environment when they required SSL with at least 1-year validity on the callback API URL. Which excluded Let's Encrypt.

I wonder if this would be an opportunity for revenue for Let's Encrypt? "We do 90-day automated-renewal certificates for free for everyone. If you're in an unusual environment where you need certificates with longer validity, we offer paid services you can use."

replies(3): >>42192215 #>>42192496 #>>42193166 #
21. lol768 ◴[20 Nov 24 09:21 UTC] No.42192133[source]
> I have dealt with banking environment when they required SSL with at least 1-year validity on the callback API URL

Why are (some) banks always completely clueless about these things? Validating ownership of the domain more often (and with an entirely automated provisioning set-up that has no human weak links) can only be a good thing.

Perhaps the banking sector will finally enter the 21st century in another ten years?

replies(2): >>42192383 #>>42192487 #
22. account42 ◴[20 Nov 24 09:31 UTC] No.42192187{3}[source]
What extra lookup. AFAIU they are just like normal certificates but with a "customer paid extra" flag.
replies(2): >>42192216 #>>42192233 #
23. ◴[20 Nov 24 09:34 UTC] No.42192204{4}[source]
24. account42 ◴[20 Nov 24 09:37 UTC] No.42192215{3}[source]
Probably better to keep LE / ISRG completely non-profit. Adding a profit motive has too big of a chance to end with actually security-relevant features being gated behind payment eventually.
replies(1): >>42192523 #
25. _betty_ ◴[20 Nov 24 09:37 UTC] No.42192216{4}[source]
they normally require a revocation lookup on the spot, and iirc there was differences in if they could or how stapling worked.
replies(1): >>42192599 #
26. _betty_ ◴[20 Nov 24 09:39 UTC] No.42192233{4}[source]
https://simonhearne.com/2020/drop-ev-certs/
27. vmit ◴[20 Nov 24 09:52 UTC] No.42192299[source]
Myinfo did away with certificate requirement altogether! Yay! (hello from Singapore)
28. tannhaeuser ◴[20 Nov 24 09:55 UTC] No.42192314[source]
Huh? EV certificates are actually certifying you're the (juristical) person you're claiming to be based on ID and trade register checks, unlike Let's Encrypt certificates which only certify you're in possession of a domain. Isn't using EV certificates legally required for e-commerce web sites at least in parts of the world, and also obligatory for rolling out as MasterCard/Visa merchant by their anti-fraud requirements along with vulnerability checks and CI/site update processes being in place?
replies(1): >>42192466 #
29. Veen ◴[20 Nov 24 10:03 UTC] No.42192383{3}[source]
The problem is more likely one of regulation than technical knowledge. Banks hire very smart people who know that a lot of what they do is bullshit, but they're paid to comply with banking and security regulations that lag a long way behind technical advances. Banks are also inherently conservative in their technical choices, and for good reason.
30. khuey ◴[20 Nov 24 10:17 UTC] No.42192466{3}[source]
> Isn't using EV certificates legally required for e-commerce web sites at least in parts of the world

Not in any jurisdiction I'm aware of, though it's a big world so it wouldn't shock me if some small corner of it has bad laws.

> and also obligatory for rolling out as MasterCard/Visa merchant by their anti-fraud requirements

PCI DSS does not require EV certificates.

31. karel-3d ◴[20 Nov 24 10:21 UTC] No.42192487{3}[source]
The banking sector usually goes with "checkbox security".

They have these really, really long lists what all needs to be secured and how. Some of it is reasonable, some of it is bonkers, there is way too much of that stuff, and it overall increases the price of any solution 10x at least.

But OTOH I can hardly blame them, failures can be catastrophic there, as they deal with real money directly and can be held liable for failures. So they don't really care about security, and more about covering their asses.

replies(2): >>42192910 #>>42198073 #
32. karel-3d ◴[20 Nov 24 10:23 UTC] No.42192496{3}[source]
If they want to do something commercial, they should go for the code signing certificates, that stuff is still a racket.
33. JoshTriplett ◴[20 Nov 24 10:26 UTC] No.42192523{4}[source]
It's less about the profit motive, and more about removing the remaining incentives to stay outside the ACME ecosystem. The funding would be to provide additional infrastructure (e.g. revocation servers for longer-lasting certificates), and to fund new such efforts.
replies(1): >>42192587 #
34. account42 ◴[20 Nov 24 10:36 UTC] No.42192587{5}[source]
But once there is an income stream from issuing certificates there is an incentive to increase it which will quickly find itself at odds with the primary missions of providing secure connections to as many people as possible. Making infrastructure depend on that income stream only increases that incentive. Perhaps you trust the ISRG to resist the temptaton but as far as I know they are run by humans.
replies(1): >>42193063 #
35. account42 ◴[20 Nov 24 10:38 UTC] No.42192599{5}[source]
Interesting. Sounds like a cost that is entirely reasonable for use cases like online banking though.
36. wink ◴[20 Nov 24 10:41 UTC] No.42192618[source]
Doesn't necessarily have anything to do with knowing, some environments are just not worth automating or support it so badly that even paying twice or more would still be nothing compared to the annoyance. It's been getting better over the years though.
37. technion ◴[20 Nov 24 10:42 UTC] No.42192621{3}[source]
Obtaining a certificate via dns doesn't help you install it via a Web interface that takes 20+ clicks and a 15 minute reboot to apply .
replies(1): >>42192850 #
38. pastage ◴[20 Nov 24 11:25 UTC] No.42192850{4}[source]
And open a ticket on a suppliers website, click through four pages with free text input, then send certificate via email.

Lets not talk about key delivery. We will get back the admin cost and of all that in a year if we tunnel them through one of our LBs.

39. dspillett ◴[20 Nov 24 11:36 UTC] No.42192910{4}[source]
> some of it is bonkers

Some of it is truly bonkers and never was good practise, but much of the irritating stuff is simply out-of-date advice. The banks tend to be very slow to change unless something happens that affects (or directly threatens to affect) the bottom line, or puts them in the news unfavourably.

Of course some of it is bonkers, like HSBC and FirstDirect changing the auth for my personal accounts from “up to 9 case-sensitive alpha-numeric characters” (already considered bad practise for some years) to “6 digits”, and assuring me that this is just as secure as before…

replies(1): >>42192988 #
40. dizhn ◴[20 Nov 24 11:47 UTC] No.42192988{5}[source]
That sounds like "we were truncating your id and pass before anyway".
replies(1): >>42193303 #
41. JoshTriplett ◴[20 Nov 24 11:57 UTC] No.42193063{6}[source]
There are many, many opportunities in both the business and non-profit world to make more money by screwing your customers/users, and despite that, it does not always happen. Businesses and non-profits are built on the trust of users (or built in spite of the utter lack of it, e.g. Comcast). I don't think they should be afraid to provide things users need. It is, in fact, possible to choose and keep choosing to maintain the trust of your users.

I think there's still incentive alignment here. Getting people moved from the "purchase 1 year certificate" world (which is apparently still required in some financial contexts) into the ACME-based world provides a path for making a regulatory argument that it'd be easy for such entities to switch over to shorter-lived certificates because the ACME infrastructure is right there.

42. Nekit1234007 ◴[20 Nov 24 12:10 UTC] No.42193166{3}[source]
I'm pretty sure ISRG doesn't want to deal with payments any more than they do now (i.e. outside of donations and sponsorships)
43. dspillett ◴[20 Nov 24 12:25 UTC] No.42193303{6}[source]
I don't think so, because it would also imply they were also throwing away anything non-numeric, and I really hope nothing that stupid was going on. When the change happened everyone had to establish a new password.

I read it as “we have been asked to integrate an ancient system that we can't update (or more honestly in many cases: can't get the higher-ups to agree to pay to update), so are bringing out other systems down to the lowest common denominator”. That sort of thing happens too often when two organisations (or departments within one) that have different procedures, merge or otherwise start sharing resources they didn't previously.

44. uid65534 ◴[20 Nov 24 19:57 UTC] No.42197508{4}[source]
Ah yes, I too remember when COMODO was ripped out of browsers in 2011 when it came to light they gave sign-anything rights to a bunch of resellers, one of whom was hacked. And then again in 2016.

And another fun one unrelated to signing was when they tried to trademark "Let's Encrypt" in 2015.

But yes, it is not a common issue and effort would be better focused on improving site security in other ways. (unlike the rest of my comment, this line isn't sarcasm.)

45. merb ◴[20 Nov 24 20:40 UTC] No.42197885[source]
Globalsign and digicert have acme support.
replies(1): >>42201487 #
46. BrandoElFollito ◴[20 Nov 24 21:02 UTC] No.42198073{4}[source]
I won't go into the idiocies banks implement. They usually have to because totally incompetent people tell them they have to.

One of the practices was pathetic to the point of being funny: you had to input specific characters of your password (2nd, 4th, 6th, etc - this was changing at each login) AND there was a short timeout. My children probably learned a few new words when I was logging in.

replies(1): >>42203392 #
47. karel-3d ◴[21 Nov 24 05:45 UTC] No.42201487{3}[source]
Hm, I have no idea why we didn't pick tgem back then. I see it now. Maybe it was too expensive? I don't remember the reasoning at this point
48. jjeaff ◴[21 Nov 24 11:52 UTC] No.42203392{5}[source]
I suppose the purpose of that was to signal to hackers that they ARE in fact storing all passwords in plaintext?
replies(1): >>42203599 #
49. BrandoElFollito ◴[21 Nov 24 12:20 UTC] No.42203599{6}[source]
It is very likely, yes. After a year or so of this practice (people were writing down their password with digits under the letters to quickly match the request) the bank said that they now propose two "secure login forms" - the older one and a new, normal one.

Some time later they silently removed the first one.