←back to thread

Six day and IP address certificate options in 2025

(letsencrypt.org)
197 points SGran | 10 comments | 16 Jan 25 15:36 UTC | HN request time: 0.412s | source | bottom
1. blakesterz ◴[16 Jan 25 18:47 UTC] No.42729220[source]
I don't disagree with anything they say here:

https://letsencrypt.org/2025/01/16/6-day-and-ip-certs/#short...

But... How often do these types of compromises happen? I can't say I've ever seen or heard of it happening.

replies(6): >>42729585 #>>42730043 #>>42730145 #>>42730476 #>>42732356 #>>42748019 #
2. H8crilA ◴[16 Jan 25 19:15 UTC] No.42729585[source]
Impossible to say, as most people probably don't even know that their private key is stolen. I've personally seen it only once on a real certificate revocation. Yet another reason to have shorter lifespan.
replies(2): >>42730046 #>>42730194 #
3. ikiris ◴[16 Jan 25 19:52 UTC] No.42730043[source]
Often enough a protocol was made to deal with it. The compromises have mostly been kept quiet though or at least didn’t get much news traction.
4. Spivak ◴[16 Jan 25 19:53 UTC] No.42730046[source]
It's a pretty narrow threat model for Alice to get her cert stolen by Bob, be completely unaware that this has happened, and the means Bob used only works once.
5. mholt ◴[16 Jan 25 20:01 UTC] No.42730145[source]
That's the thing. We don't always know. Hence the need to reduce the attack lifetime.
6. yjftsjthsd-h ◴[16 Jan 25 20:04 UTC] No.42730194[source]
If they don't know they were breached, don't the odds favor the replaced key likewise getting re-stolen immediately?
replies(1): >>42730428 #
7. H8crilA ◴[16 Jan 25 20:24 UTC] No.42730428{3}[source]
Yes, but the odds are less than infinite, i.e. the probability is less than 1.0. At least some of such attacks take effort.
8. toast0 ◴[16 Jan 25 20:28 UTC] No.42730476[source]
I had to get certificates revoked for HeartBleed. :P
9. Azerty9999 ◴[16 Jan 25 23:38 UTC] No.42732356[source]
Hmmm. This solution still leaves quite a few days a compromised certificate can be used(!).. that's significant.. but I guess it's better than nothing?
10. LinuxBender ◴[18 Jan 25 12:59 UTC] No.42748019[source]
An example I experienced was an employee accidentally shipping keys/certs to a vendor in a support dump of a network device.

I had to revoke the certs and in anticipation I pulled together customer support, engineering, legal, various security orgs in the event that revocation would cause outages from cached certs from middle boxes of which there were plenty or other weird b2b setups.

It turned out to be a nothing-burger. None of the browsers or MitM proxies actually did anything with revocation and happily used the revoked certs without even a single warning from tens of millions of end users and system. This was around 2014. Curious if that has changed and if anyone here has tested revocation in a staging environment that has devices that cache certs.