posted by Fnord666 on Tuesday April 23 2019, @09:11AM
from the getting-to-the-root-of-the-issue dept.

Submitted via IRC for Bytram

Let's Encrypt to transition to ISRG root

Let's Encrypt have announced that on July 8th, 2019 they will begin issuing new certificates from their own intermediate CA and not their current cross-signed intermediate. Here's what that means and what action, if any, site operators need to take.

[...] Like all new CAs, Let's Encrypt began life with a cross-signature. Cross-signing is a trick that CAs can use to avoid the years-long process of becoming a root CA. It genuinely does take many years to go through this process, and Let's Encrypt wouldn't have been able to issue any certificates over the last 3+ years without a cross-sign.

[...] In short, Let's Encrypt currently issue from their cross-signed intermediate, which is issued to them by IdenTrust. IdenTrust have been a CA for many years, and even old, legacy clients recognise them as a CA. When you get a certificate from Let's Encrypt right now it is issued by the cross-signed X3 intermediate, which chains to the IdenTrust root. Now that Let's Encrypt's ISRG root is widely trusted, they can instead switch to issuing from their own X3 intermediate rather than the cross-signed one. This is a big step forward for them and will likely not mean anything to the vast majority of their users. There are a few considerations, though.
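The mechanics behind this are easiest to see in a toy path builder. The following is an added example, not code from Let's Encrypt or the linked article: certificates are reduced to subject/issuer names and constructed key labels, a cross-sign is simply a second certificate for the same intermediate key signed by a different root, and the two trust stores stand in for a client that only knows the IdenTrust root (the old-Android case the later story on this page describes) and one that also trusts ISRG Root X1.

```python
from collections import namedtuple

# A certificate reduced to the fields path building needs.  All names and
# key labels below are constructed for this example, not real cert data.
Cert = namedtuple("Cert", "subject subject_key issuer issuer_key")

# Self-signed roots: the client's trust anchors.
DST_ROOT_X3 = Cert("DST Root X3", "dst-key", "DST Root X3", "dst-key")
ISRG_ROOT_X1 = Cert("ISRG Root X1", "isrg-key", "ISRG Root X1", "isrg-key")

# Two certificates for the SAME intermediate key: the IdenTrust cross-sign
# and the one issued by Let's Encrypt's own root after the transition.
X3_CROSS = Cert("Let's Encrypt Authority X3", "x3-key", "DST Root X3", "dst-key")
X3_ISRG = Cert("Let's Encrypt Authority X3", "x3-key", "ISRG Root X1", "isrg-key")

# The leaf only knows the X3 key; it does not care which X3 cert is served.
LEAF = Cert("example.com", "leaf-key", "Let's Encrypt Authority X3", "x3-key")

def build_path(leaf, served, trust_store, max_depth=5):
    """Return [leaf, ..., root] if a chain to a trusted root exists, else None.

    served: certificates sent by the server (leaf plus intermediates).
    trust_store: the client's roots.  Issuers are matched by key, which is
    why a cross-signed and a directly issued X3 are interchangeable.
    """
    def walk(cert, path):
        if len(path) > max_depth:
            return None
        for root in trust_store:           # issuer is a trusted root: done
            if root.subject_key == cert.issuer_key:
                return path + [root]
        for cand in served:                # otherwise look for an intermediate
            if cand.subject_key == cert.issuer_key and cand not in path:
                found = walk(cand, path + [cand])
                if found:
                    return found
        return None
    return walk(leaf, [leaf])

def trusted_root(served, trust_store):
    """Name of the root the chain terminates at, or None if validation fails."""
    path = build_path(served[0], served, trust_store)
    return path[-1].subject if path else None

if __name__ == "__main__":
    old_client = [DST_ROOT_X3]                 # e.g. a client without the ISRG root
    new_client = [DST_ROOT_X3, ISRG_ROOT_X1]
    for label, chain in (("before", [LEAF, X3_CROSS]), ("after", [LEAF, X3_ISRG])):
        print(label, "old:", trusted_root(chain, old_client),
              "new:", trusted_root(chain, new_client))
```

Serving both X3 certificates keeps the old client working, since the path builder falls through to the cross-signed one when the ISRG-issued one leads nowhere.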

Useful links and information

Let's Encrypt transition announcement: https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html

Let's Encrypt ISRG root coverage: https://letsencrypt.org/2018/08/06/trusted-by-all-major-root-programs.html

The Best TLS Training in the World: https://www.feistyduck.com/training/the-best-ssl-and-tls-training-in-the-world


Related Stories

Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web

Professor J. Alex Halderman, the noted election security researcher, along with his co-authors, have published a summary of Let's Encrypt, its components, and what it does. (Warning for PDF.) The service Let's Encrypt is a free, automated, open certificate authority (CA) to provide TLS certificates. These are usually for web sites, enabling them to provide HTTPS connections.

Since its launch in late 2015, Let's Encrypt has grown to become the world's largest HTTPS CA, accounting for more currently valid certificates than all other browser-trusted CAs combined. By January 2019, it had issued over 538 million certificates for 223 million domain names. We describe how we built Let's Encrypt, including the architecture of the CA software system (Boulder) and the structure of the organization that operates it (ISRG), and we discuss lessons learned from the experience. We also describe the design of ACME, the IETF-standard protocol we created to automate CA–server interactions and certificate issuance, and survey the diverse ecosystem of ACME clients, including Certbot, a software agent we created to automate HTTPS deployment. Finally, we measure Let's Encrypt's impact on the Web and the CA ecosystem. We hope that the success of Let's Encrypt can provide a model for further enhancements to the Web PKI and for future Internet security infrastructure.

[...] Prior to our work, a major barrier to wider HTTPS adoption was that deploying it was complicated, expensive, and error-prone for server operators. Let's Encrypt overcomes these through a strategy of automation: identity validation, certificate issuance, and server configuration are fully robotic, which also results in low marginal costs and enables the CA to provide certificates at no charge. We designed Let's Encrypt to scale to the size of the entire Web. In just over three years of operation, it is well on its way: it has issued over 538 million certificates and accounts for more valid browser-trusted certificates than all other CAs combined. We hope that in the near future, clients will start using HTTPS as the default Web transport. Eventually, we may marvel that there was ever a time when Web traffic traveled over the Internet as plaintext.

Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web, Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, Pages 2473-2487 (DOI: 10.1145/3319535.3363192)

Earlier on SN:
Let's Encrypt to Transition to ISRG Root (2019)
Three Years Later, Let's Encrypt Has Issued Over 380 Million HTTPS Certificates (2018)
Let's Encrypt is Now Officially Trusted by All Major Root Programs (2018)
Let's Encrypt Takes Free "Wildcard" Certificates Live (2018)
Free Certs Come With a Cost (2017)
Let's Encrypt Issues 100 Millionth Certificate (2017)
Let's Encrypt Won its Comodo Trademark Battle - but Now Fan Tools Must Rename (2016)
Let's Encrypt Gets Automation (2015)


On the Way to Universal Recognition of Let's Encrypt Root Certificate

Let's Encrypt, the non-profit certificate authority which provides X.509 certificates for Transport Layer Security encryption at no charge, has an update on the progress towards universal acknowledgement of its root certificate in software and firmware. The cross signature which it has purchased will expire next September, so there is a hard deadline for finalization. There are only a few barriers remaining, one of which is the old versions of Android still in use.

Currently, 66.2% of Android devices are running version 7.1 or above. The remaining 33.8% of Android devices will eventually start getting certificate errors when users visit sites that have a Let's Encrypt certificate. In our communications with large integrators, we have found that this represents around 1-5% of traffic to their sites. Hopefully these numbers will be lower by the time DST Root X3 expires next year, but the change may not be very significant.

What can we do about this? Well, while we'd love to improve the Android update situation, there's not much we can do there. We also can't afford to buy the world a new phone. Can we get another cross-signature? We've explored this option and it seems unlikely. It's a big risk for a CA to cross-sign another CA's certificate, since they become responsible for everything that CA does. That also means the recipient of the cross-signature has to follow all the procedures laid out by the cross-signing CA. It's important for us to be able to stand on our own. Also, the Android update problem doesn't seem to be going away. If we commit ourselves to supporting old Android versions, we would commit ourselves to seeking cross-signatures from other CAs indefinitely.

It's quite a bind. We're committed to everybody on the planet having secure and privacy-respecting communications. And we know that the people most affected by the Android update problem are those we most want to help - people who may not be able to buy a new phone every four years. Unfortunately, we don't expect the Android usage numbers to change much prior to ISRG Root X1's expiration. By raising awareness of this change now, we hope to help our community to find the best path forward.

The Internet Archive has retained a copy of the original announcement for Let's Encrypt.

Previously:
(2020) Let's Encrypt Pushes Back Deadline to Revoke Some TLS Certificates
(2020) HTTPS for All: Let's Encrypt Reaches One Billion Certificates Issued [Updated]
(2019) Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web
(2019) Let's Encrypt to Transition to ISRG Root
(2018) Let's Encrypt is Now Officially Trusted by All Major Root Programs

  • (Score: 0) by Anonymous Coward on Tuesday April 23 2019, @05:49PM (7 children)

    by Anonymous Coward on Tuesday April 23 2019, @05:49PM (#833951)

    LE recently broke http verification for me. i had scripts automating all my certs and they all recently quit working (in the last 3 months). had to use dns verification, which works well but is more of a pain to automate from what i can tell. LE doesn't seem to put much thought into user experience when they make decisions, though to their credit people try to help in the forum. i would rather more time be spent up front so it's easier in the first place. also, 3 months is still bullshit and seems to show their attitude towards usability, imho.

    • (Score: 0) by Anonymous Coward on Tuesday April 23 2019, @06:40PM (1 child)

      by Anonymous Coward on Tuesday April 23 2019, @06:40PM (#833986)

      I don't even know what HTTTP is...

      I am so far behind the times it seems.

      • (Score: 2) by Bot on Tuesday April 23 2019, @07:40PM

        by Bot (3902) on Tuesday April 23 2019, @07:40PM (#834010) Journal

        HTTTP is hyper text tunnel transport protocol, a way to talk in general about encrypted connections of whatever kind, from https to vpn to onion routing.
        Of course I made this bullsh!t up on the spot.

        --
        Account abandoned.
    • (Score: 0) by Anonymous Coward on Tuesday April 23 2019, @07:18PM (2 children)

      by Anonymous Coward on Tuesday April 23 2019, @07:18PM (#834000)

      Hopefully you're only using LE for personal sites? 3 months and a cron job is good enough for that.

      I mean, if you're using LE for business, maybe you shouldn't. It costs money to make money. That's capitalism, folks.

      • (Score: 4, Informative) by The Shire on Tuesday April 23 2019, @08:28PM (1 child)

        by The Shire (5824) on Tuesday April 23 2019, @08:28PM (#834025)

        Have you looked at this site's cert?

        LE is an excellent cost effective business choice. If you think end users care if your domain name is in green lettering or if it's just the green padlock or that they even know what an ssl certificate is, you're sorely mistaken. The only thing a user cares about is if their browser barks at them that they're submitting info over an unencrypted connection or that the site certificate can't be verified. LE certs prevent both of those things from happening.

        Any business that doesn't look at LE first for general site encryption (i.e. home page, customer support, etc.) is a business that's throwing money out the door for no good reason.

        • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @02:01AM

          by Anonymous Coward on Wednesday April 24 2019, @02:01AM (#834158)

          Also with Expect-CT, you can require conforming user agents to reject connections with an invalid SCT signature. Coupled with a report endpoint and a script to check for CT reports, you've got a pretty good solution for stopping phishing attempts on your domains along with TLS certificates for free.

    • (Score: 2) by The Shire on Tuesday April 23 2019, @08:23PM (1 child)

      by The Shire (5824) on Tuesday April 23 2019, @08:23PM (#834023)

      Broke how? I've been running literally hundreds of domains on LE using http verification without any interruptions.

      And a 3 month renew target is trivial to handle through automation.

      • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @06:38PM

        by Anonymous Coward on Wednesday April 24 2019, @06:38PM (#834451)

        idk. http verification just quit working. i had it scripted too. it worked for well over a year i'm guessing. ran it manually in the terminal and it wouldn't work. i don't remember what asinine message it gave me. i didn't change anything with my script or config except update certbot and the web server stack. i didn't have time to try and figure out exactly how i had been sabotaged so i just used dns verification which worked without issue, but the way it's expected to be used is not automation friendly. Even the way the dns challenge script works it's obvious that no thought was given to its usability. it works, but goddamn!

  • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @06:57AM (1 child)

    by Anonymous Coward on Wednesday April 24 2019, @06:57AM (#834246)

    0: Promote exploit of online systems via state actors, and general platform insecurity via not holding companies extremely liable for breaches.
    1: Offer free encryption to the Internet. "Let's Encrypt"
    2: Firefox et al. arbitrarily disable new HTML features over non-HTTP links.
    3: Require that all connections are signed via a Certificate Authority (read: Mandated man in the middle).
    4: Yay! The Internet Is Secure! Trust us! It's for your protection!
    5: Except for that guy, because the govs don't like what he says, so they coerce the CA to give them a cert to MITM his connection.
    6: Hey, that guy is a radical "leftist" "rightist" "centrist" "[random] denialist", tell all CAs not to give that guy a certificate.
    7: Silence is not Golden, it is Deafening.

    Fuck "Let's Encrypt". I don't need encryption for my HAM radio blog updated by hand editing HTML.

    Protip: Once "security" is mandated online. The Great Internet Experiment will be over. Long live Pirate Packet Radio!
    It's still illegal for citizens to run a store and forward packet radio network... because we were building it before the easy-to-spy-on-wired Internet existed... and that dumb wired shit would have been stillborn.
    You'd have to build listening towers EVERYWHERE to spy on a store and forward network that would allow you to query your neighbors for the popular cat vid they emailed you about. No mandated routes to some centralized source, much harder to track... more secure. "Oh Noes! You can't do that, think of the interference!" Cell Phones now exist. Damn sheeple. "Free cert?! Wowzers! Sign me up!" You'd sign your death warrant if it came with a free copy of Tetris.

    • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @12:40PM

      by Anonymous Coward on Wednesday April 24 2019, @12:40PM (#834304)

      You really, really need to learn to make your case. This is a sorry mess and I have no idea what you're trying to desperately communicate. Also, humor is a notoriously difficult genre, suggest you don't try it again till say in 5 years.