Let's Encrypt Everything

If you have a busy site, let the CDN act as the TLS endpoint. CloudFlare and CloudFront already support this, though CloudFront charges 25 to 60 cents extra per million hits for HTTPS.

If you have a very slow uplink shared by several subscribers, the operator of the intercepting caching proxy can act as an automated CA. Then each subscriber can add this CA as a trusted root CA. This increases the number of people who can view or alter the communication from two (the endpoints) to three (the endpoints and the proxy), but that’s still far fewer than every single router between the endpoints, which was the case under cleartext HTTP.

@captaincoder

DANE also relies on a centralized component: the DNS root servers. Adoption of DANE has been lagging for two reasons.

  1. DANE relies on DNSSEC, whose public key is only 1024 bits. This short key length is the primary reason why Chrome doesn’t come with DANE support.
  2. Some domain registrars that bundle DNS service have decided to treat DNSSEC as an upsell, making it available only to subscribers to “premium DNS”. GoDaddy falls (or fell?) into this category.

@codinghorror

You mentioned one recurring cost in the article.

Without that required cash each year, without the SSL certificate that you must re-purchase every year in perpetuity – you can’t encrypt anything.

But that’s not the only recurring cost of a move toward HTTPS.

As a measure to increase HTTPS adoption, Firefox and Chrome have started to make some JavaScript APIs available only in secure contexts. These currently include at least Service Workers, Geolocation, and WebRTC. So if someone wants to make a router, printer, NAS, or other appliance with a web interface, and that web interface uses one of the secure-only APIs, it’s going to need HTTPS and thus a certificate. For example, once the Fullscreen API goes secure-only due to phishing attacks that spoof the browser chrome, a user of a NAS won’t be able to play movies from the NAS in the full screen.

Let’s Encrypt offers certs for any website that has a FQDN in a registrable domain. This covers the public web. It does not cover a private home LAN on 192.168/16. It’s possible to get a cert from LE just with a domain and not an HTTP server using the DNS challenge through the dehydrated client. but then each home user will need to buy a domain.

Thus the need to pay $15 per year to Gandi or another registrar to continue to renew a domain for your home LAN will replace a certificate as the recurring cost.

1 Like

Donating an amount to a free service equal to what I’d pay to another service doesn’t sound good to me. This way there is no difference between them. So what’s free here? Except my time.

I was initially scared seeing that support from places like 1&1 wasn’t there (since they want to sell their overpriced service to get them in)… but since I’m running a VPS with plesk I had more options. Looks like this already has support via extensions, and after using it…

I am sold on the service. It’s a two-click process (or three, if you get the checkbox), and handles the under-the-covers configuration for domains. It saves me a huge amount of time and effort on a task I hate doing.

I agree with @abatishchev. There is a cost for Let’s Encrypt to provide their service - nothing is truly free. But suggesting we pay what we would have paid to another company means we are just making them the biggest for-profit company in the certificates market.

It seems disingenuous (or maybe you didn’t know) not to mention that many of their services are already subsidised. For example, their own root certificate is provided by an existing player and used to be signed by Global Sign (now IdenTrust, I think). The project is part of Internet Security Research Group (ISRG) which is a tax exempt organization based in California which is supported by several large institutions.

And it’s worth pointing out that they are not asking for anything like this kind of contribution. They are saying their monthly costs are $200,000 and they are looking for support to cover this base amount. Its a shame they are not being a bit more transparent and breaking this down into their specific costs such as processing, salaries, offices, heat and light so potential donors can see how their contributions are likely to be used.

I don’t have password or credit card fields on my form on the website, and chrome still shows alert. Why? Is email-id also the sensitive field?

You can proclaim the “right” to privacy as loudly as you want, but no one behind one of the great firewalls will hear you if your HTTPS-only site is summarily blocked. You are not giving these people privacy, you are taking away their access to information.

And there are also large parts of the earth that do not enjoy to the low latency links that we righteous protocol dictators take for granted. HTTPS (and /2) kill local caches and force EVERY page to be re-transmitted to the individual browser rather than served locally. A primary school student sitting at the other end of a 128Kbps down-link in sub-Saharan Africa does not care that the Wikipedia article that she is trying to pull up would have been encrypted for her safety… because she never sees it. Her school bandwidth allotment was exhausted hours ago by the previous 25 students who pulled up redundantly-downloaded copies of that same article earlier that day.

If you care about offering privacy to the people who actually want it, why not give people a choice between HTTP and HTTPS and let users pick which way they want to (or must) access your site? Be careful anytime you find yourself by restricting other peoples’ choices based on your beliefs - especially other people you’ve never met who live in situations very different than yours.

https://wp.josh.com/2016/04/01/googles-war-on-http/

Hmm. That’s an odd thing to know and track. I don’t remember that being on my protonmail app, so how would they know?

Otherwise, what’s the goal of an assertion like that if it’s completely unfounded?

The sub-Saharan school can run its own caching MITM and have student machines trust that particular MITM’s CA.

Uh, guys, HTTPS not caching is a zombie assertion from the 90’s, maybe early 00’s. This is 2016 now, stop resurrecting long-dead myths.

Browsers all cache HTTPS unless the HTTP Cache-Control: no-cache header is set, or Expires is set to prevent caching, precisely because browser vendors realized that HTTPS is about preventing MITM attacks, not local exploit attacks, long ago. You can try it for yourself; access a few HTTPS sites and check your cache.

Now that the web is galloping toward encryption, the need to remember old lessons is reinforced, and no one is going to cripple mobile and third-world users just to prove an unnecessary point.

1 Like

The browser does cache HTTPS content locally on the machine, but this does not help with repeat pageloads across a bunch of machines (and now casual phones over wifi) connected to a caching proxy server at the end of a slow link, which is the typical case.

2 Likes

Hmmmm… This is an odd suggestion considering the claimed goal of adding HTTPS in the first place was to increase users’ privacy and security. By adding a locally trusted CA, you make it so that every page that passes though the cache (including HTTPS) can be intercepted, inspected, and modified.

“We have decided that it is very important that every page you load be protected, so we are making it so that none of your pages are protected!”.

Things get complicated when you start forcing your choices on others…

There is a big difference: Trump does not behave rationally. Who knows what he will do. Temperamentally, he is all over the map, known to harbor deep grudges over insignificant things. He is already engaging in nepotism and cronyism as the president elect. Trump is the least trustworthy president to be elected in the last hundred years, barring perhaps Nixon. I have no problem with Republican vs. Democrat, frankly I couldn’t care less – but leadership qualities matter, and Trump has only negative qualities in that department in my opinion. cc @jbinaz

I beleve their FAQs cover this but the logic is that the automation is the important part whether the certs are valid for a year or 90 days and I agree.

It is up to you how much you want to donate and how often, unlike a pay service. Use your imagination.

Just search for it. The info is out there: What It Costs to Run Let's Encrypt - Let's Encrypt

1 Like

Exhibit A: Your ISP is Not Your Friend

On the modern Internet, ISPs themselves are one of your threats (both your ISP and other people’s ISPs). ISPs routinely monitor traffic, intercept traffic, modify traffic on the fly both for outgoing requests (eg) and for incoming replies from web servers (‘helpfully’ injecting hostile JavaScript and HTML into pages is now commonplace), and do other malfeasance. To a certain extent this is more common on mobile Internet than on good old fashioned fixed Internet, but this is not particularly reassuring; an increasing amount of traffic is from mobile devices, and ISPs are or will be adding this sort of stuff to fixed Internet as well because it makes them more money and they like cash.

There is always a tradeoff between security and convenience. If you’re in an Internet desert, such as sub-Saharan Africa, privacy from the ISP may be one of the things you need to sacrifice in order to make repeated retrievals of static resources usably efficient.

Yet this sacrifice loses less privacy overall than going all the way back to cleartext HTTP. As I wrote above in reply to @JimBirch, three people being able to see the communication (the sender, the recipient, and a caching proxy run by an organization that the recipient has chosen to trust) are a lot fewer than every router on the path being able to see it, which is true of cleartext HTTP.

You mentioned “forcing your choices on others”. ISPs in countries in sub-Saharan Africa have already forced their choices on you by charging subscribers in those countries far more than ISPs in other countries charge for a usably fast link.

1 Like

I used to go to google.com as a ping server when connecting to WiFi in a public place like an airport.
Now I use wsj.com because going to google.com will be intercepted and navigation canceled since google.com is now HTTPS.
We should be fine with universal HTTPS as long as some known website is there that will redirect us to airport wifi License Agreement page.
Or change the technology in public WiFi to handle HTTPS redirection.

1 Like

I think HTTPS is not secure enough. There are a lot fake SSL certificates.

Can you cite any sources for “lot of fake certificates”? I believe any cert authority that pulls shenanigans has their certificates globally revoked…

1 Like

When I discussed this elsewhere, someone else provided a few more examples where a caching proxy might not solve a primary school’s bandwidth woes.

  • Your Wikipedia example assumes that all students will be viewing the same articles, as opposed to following hyperlinks to cited sources or to other Wikipedia articles. If you want to save bandwidth by setting up what amounts to a CDN, do so explicitly. Download each article and its resources, and serve them from a mirror on the LAN.
  • What if that primary school student is researching something politically sensitive, such as reproductive health? Or her sexuality? Also that’s the age of formative development. What if she believes she might be transsexual and is trying to learn?

And lack of caching is nowhere near the biggest danger on a 128 kbps capped link.

  • A student accidentally left a tab open and the AJAX script constantly refreshing some widget ate up all the data.
  • Or the student couldn’t learn because the pictures didn’t load when the lazy-loading script timed out.
  • Or an ad-supported website’s anti-adblock script disables access to an article because the user failed to load several megabytes of advertisements along with a 2000-word article.
4 Likes

So, I don’t mean to be antagonistic, but why would I spend $99 (after the first 15 free scans) to get a report from your app that I can get for free all day over at SSL Labs?

1 Like

I guess I’m an amateur when it comes to this, but I just have to ask: what about CAcert?

I came across it a while ago for a different reason, and found out that they too issue free certificates, provided you prove your control of the domain. I know that the reason nobody uses it is obvious; they don’t have their root certificate in any major browser yet. However, if everyone just ignores the free CAs that don’t have their certificate installed, then won’t everyone who wants free certificates be forced to use LetsEncrypt?

It seems odd that, in response to big, corporate CAs, we’re going to use one singular free CA. It guess it frustrates me a little that if I want a free (usable) certificate, I have no choice on where to get it. Anyway, does anyone know why I can’t seem to find very many people advocating for additional free CAs?