F-Droid site certificate expired

(gitlab.com)

155 points kxxt | 2 comments | 31 Aug 25 12:16 UTC | HN request time: 0s | source

Show context

gethly ◴[31 Aug 25 14:32 UTC] No.45083427[source]▶

>>45082595 (OP) #

Because those ephemeral LE certificates are such a great idea...

replies(6): >>45083455 #>>45083516 #>>45083798 #>>45083991 #>>45084464 #>>45088393 #

hkt ◴[31 Aug 25 15:35 UTC] No.45083991[source]▶

>>45083427 #

DANE would be better than LE, but weirdly the massive companies building browsers don't want to provide support. Spooky!

https://en.wikipedia.org/wiki/DNS-based_Authentication_of_Na...

replies(2): >>45084450 #>>45084457 #

0xbadcafebee ◴[31 Aug 25 16:31 UTC] No.45084457[source]▶

>>45083991 #

DANE is not a good idea. It makes DNS the CA. DNS doesn't have any stringent security requirements to its design or operation, as CAs do. It depends on a problematic protocol (that, among other things, limits the ability to deal with different operational and failure modes). And just because a nameserver provides a record, doesn't mean an authorized domain owner wanted that record to be an authorized secure transport. (not to mention, it would force people choose domain TLDs based on political positions, rather than, say, a desire for an easy to remember name)

It's weak security and introduces more problems than it solves. If we're going to get rid of CAs, we should consider a better solution, not a worse one.

replies(1): >>45087722 #

xorcist ◴[31 Aug 25 22:38 UTC] No.45087722[source]▶

>>45084457 #

No, it doesn't. It makes the registrar the CA. Which makes sense, they already authorize who owns which domain. They should absolutely do so cryptographically in some fashion.

What's weird is that the major registrars never even tried to enter the PKI business. It would have made sense. It would even have hastened the adoption of much needed TLS extensions.

replies(1): >>45088410 #

0xbadcafebee ◴[01 Sep 25 00:47 UTC] No.45088410[source]▶

>>45087722 #

The registrar is not equivalent to a CA in DANE.

- A CA validates requests, signs CSRs, publishes cert revocation, issues certificates and trust anchors.

- A registrar in DANE merely passes a DS record you created to the TLD, along with the promise that this record was created by the domain zone owner. It's basically the validation step. Nothing to do with establishing or securing data, key/record management, etc; they're a glorified FTP tool.

I'm in favor of registrars getting more involved (since they are the authority on who controls a domain), but only with a completely different design. I have suggested many times that CAs establish an API to communicate directly with Registrars to perform the validation step, as this would eliminate 95% of attacks on Web PKI without introducing any downsides. So far my pleas have fallen on deaf ears. And since the oligopoly of browser vendors continue their attacks on system reliability (via ridiculous expiration times) without any real pushback, I don't see it changing.

replies(1): >>45096610 #

1. xorcist ◴[01 Sep 25 21:06 UTC] No.45096610{3}[source]▶

>>45088410 #

The registry, not the registrar (sorry, I managed to mistype above, despite trying to be careful about these terms). The comparison with the CA is apt. The registry signs the DS record.

The model you suggest is a variant of what I allude to in my second paragraph above. That is indeed both an obvious, simple, and much more secure model than the web PKI we use today. I tried to push for similar ideas several years before things like DANE but no one seems interested enough. I have no idea why this is, as the model is both trivial and obvious.

replies(1): >>45110320 #

2. 0xbadcafebee ◴[02 Sep 25 23:12 UTC] No.45110320[source]▶

>>45096610 (TP) #

I've added to my TODO list to propose an RFC. It might literally be up to the two of us to fix it :)

↑