←back to thread

LetsEncrypt – Expiration Notification Service Has Ended

(letsencrypt.org)
181 points zdw | 3 comments | 30 Jun 25 04:49 UTC | HN request time: 0s | source
Show context
TekMol ◴[30 Jun 25 08:35 UTC] No.44420869[source]
Certificates are still a pain in the butt. One of the most cumbersome aspects of the web.

Especially domain wide certs which need DNS auth.

DNS auth would be okish if it was simply tied to a txt entry in the DNS and valid as long as the txt entry is there. Why does LetsEncrypt expire the cert while the acme DNS entry is still there? Which attack vector does this prevent?

Also, why not support file based auth in .well-known/acme-challenge/... for domain wide certs? Which attack vector does that prevent?

replies(6): >>44420913 #>>44421265 #>>44421337 #>>44421359 #>>44421487 #>>44429373 #
jeroenhd ◴[30 Jun 25 09:37 UTC] No.44421265[source]
> Why does LetsEncrypt expire the cert while the acme DNS entry is still there?

That's like saying "why does the government expire my passport/driver's license when I haven't changed my name". That's not how it works; the document is stamped valid for a specific amount of time, and you get a new document with a new expiration time when you renew it.

The certificate from LE will expire automatically 90 days after it was provided, that's why you need to renew it before the 90 days are up.

If you hate setting up automated certificate renewal, you can still get longer-lasting certificates from paid certificate providers. It used to be that you needed to pay a company to generate a certificate for you every year, now you just get the option to have a free one every 90 days.

> Also, why not support file based auth in .well-known/acme-challenge/... for domain wide certs

An ACME challenge file on a web server proves that you control a specific server at a specific domain, so you get a certificate for a specific domain.

A DNS entry proves you control the entire domain, so you (can) get a certificate for the domain.

By uploading a file to tekmol.freewebhost.com, you haven't proven that you control either .freewebhost.com or .tekmol.freewebhost.com. You have just proven that you control tekmol.freewebhost.com.

replies(6): >>44421354 #>>44421633 #>>44421671 #>>44421834 #>>44421863 #>>44422141 #
AnthonyMouse ◴[30 Jun 25 11:12 UTC] No.44421834[source]
The government expires your driver's license because they want to charge you for a renewal. You can tell that this is the only reason because it's the only thing they want in order to give you a new one. They do nothing to confirm that you still know how to drive.

But Let's Encrypt doesn't charge anything. All they want is to confirm that you still control the domain. So why doesn't "the DNS record they had you add to begin with is still there" satisfy that requirement and allow you to repeatedly renew the certificate until it stops being there?

Tie the DNS challenge to the public key in the certificate. Then as long as it hasn't changed you can update the certificate without giving the update process modify access to the DNS server.

replies(3): >>44421962 #>>44422937 #>>44428866 #
lxgr ◴[30 Jun 25 23:05 UTC] No.44428866[source]
Most governments primarily don’t want stolen identity documents circulating without any time bounds, especially given that they often get used improperly these days (e.g. by allowing a photo/scan of somebody’s ID to constitute “authentication” without comparing the photo to a real person, which is a bizarre notion that’s getting more and more common).
replies(1): >>44428956 #
1. AnthonyMouse ◴[30 Jun 25 23:17 UTC] No.44428956{3}[source]
Passports and license renewals are often for periods in the nature of 10 years. Is that meaningfully different from the self-invalidation already implied by an ID that claims you're 144 years old? The mean time between mass data breaches is certainly already less than the existing renewal interval.

Meanwhile how does a stolen scan of an identity document become invalidated by requiring a renewal? The new document is identical and even contains the same ID number. The only difference is the date which anyone could trivially alter with a computer. For that matter the only thing they need from the stolen ID is the name and number, so even if you completely redesign the layout of the ID, someone with the old one can recreate a scan of the new layout using only the information on the old stolen one.

The problem here is not that you need IDs to expire, it's that you need fools to stop trying to rely on a computer image of an ID to authenticate anything.

replies(1): >>44430239 #
2. lxgr ◴[01 Jul 25 03:15 UTC] No.44430239[source]
> The new document is identical and even contains the same ID number.

Quite a few IDs contain a 2D barcode, and I believe at least some of these contain some offline-validateable signature over the basic data of the document, including the expiry date. That's not as trivial to forge.

On top of that, document expiry does help a bit with people trying to use a lost/stolen ID of somebody they happen to look similar to, adds a forcing function to make people eventually upgrade to newer/more secure document standards etc.

replies(1): >>44430819 #
3. AnthonyMouse ◴[01 Jul 25 05:19 UTC] No.44430819[source]
> Quite a few IDs contain a 2D barcode, and I believe at least some of these contain some offline-validateable signature over the basic data of the document, including the expiry date. That's not as trivial to forge.

Most government IDs don't have that, and it's still not clear what good it would be doing when data breaches happen on much shorter timescales than ID expirations. Who cares if they stop being able to use the ID after 10 years, when they can use them for 10 years and there will be another breach providing them with a new batch of IDs to use in a matter of days rather than years?

> On top of that, document expiry does help a bit with people trying to use a lost/stolen ID of somebody they happen to look similar to

That seems like an extremely narrow advantage. If they just need some ID that looks like them then they can just get another one from the batch of fresh ones. If they need the ID of a specific person, the government still isn't authenticating renewals, so wouldn't they just use the existing stolen ID and pay for a renewal in that case, in which case we're back the only thing happening being the government extracts money?

Or no, in that case it's worse, because then they can submit a fresh picture of themselves to renew the ID which has someone else's name on it.

> adds a forcing function to make people eventually upgrade to newer/more secure document standards etc.

Which you already have because everybody eventually dies.