(community.letsencrypt.org)

318 points Bogdanp | 2 comments | 25 Jun 25 16:21 UTC | HN request time: 0.763s | source

Show context

msgodel ◴[25 Jun 25 19:15 UTC] No.44380911[source]▶

>>44379034 (OP) #

This is incredibly dumb. The three way handshake and initial key exchange is your certificate.

replies(2): >>44381814 #>>44382226 #

Dylan16807 ◴[25 Jun 25 22:05 UTC] No.44382226[source]▶

>>44380911 #

And this protects you from a hostile network how?

replies(1): >>44382560 #

msgodel ◴[25 Jun 25 22:56 UTC] No.44382560[source]▶

>>44382226 #

How does the certificate? If you already have to do the TLS handshake it doesn't change anything.

replies(1): >>44383605 #

Dylan16807 ◴[26 Jun 25 02:06 UTC] No.44383605[source]▶

>>44382560 #

A verified certificate lets you know you didn't handshake with an attacker in the middle.

replies(1): >>44387620 #

1. msgodel ◴[26 Jun 25 14:11 UTC] No.44387620[source]▶

>>44383605 #

Let me rephrase that: How is the CA supposed to know they didn't handshake with an attacker? All they have is the IP, there's no identity to check like with DNS.

replies(1): >>44390639 #

2. Dylan16807 ◴[26 Jun 25 19:49 UTC] No.44390639[source]▶

>>44387620 (TP) #

The CA connects to the IP from multiple different points across the internet. If you can convince all of them, you almost certainly do control the IP.

You as a normal client don't do that. Your computer can be fooled by very easy local spoofs.

And for what it's worth, taking over the IP would also let you get a DNS-based certificate, so those actually have more weak points.

↑

Getting ready to issue IP address certificates