Professor J. Alex Halderman, the noted election security researcher, along with his co-authors, has published a summary of Let's Encrypt, its components, and what it does. (Warning for PDF.) Let's Encrypt is a free, automated, open certificate authority (CA) that issues TLS certificates. These are usually for web sites, enabling them to serve HTTPS connections.
Since its launch in late 2015, Let’s Encrypt has grown to become the world’s largest HTTPS CA, accounting for more currently valid certificates than all other browser-trusted CAs combined. By January 2019, it had issued over 538 million certificates for 223 million domain names. We describe how we built Let’s Encrypt, including the architecture of the CA software system (Boulder) and the structure of the organization that operates it (ISRG), and we discuss lessons learned from the experience. We also describe the design of ACME, the IETF-standard protocol we created to automate CA–server interactions and certificate issuance, and survey the diverse ecosystem of ACME clients, including Certbot, a software agent we created to automate HTTPS deployment. Finally, we measure Let’s Encrypt’s impact on the Web and the CA ecosystem. We hope that the success of Let’s Encrypt can provide a model for further enhancements to the Web PKI and for future Internet security infrastructure.
[...] Prior to our work, a major barrier to wider HTTPS adoption was that deploying it was complicated, expensive, and error-prone for server operators. Let’s Encrypt overcomes these through a strategy of automation: identity validation, certificate issuance, and server configuration are fully robotic, which also results in low marginal costs and enables the CA to provide certificates at no charge. We designed Let’s Encrypt to scale to the size of the entire Web. In just over three years of operation, it is well on its way: it has issued over 538 million certificates and accounts for more valid browser-trusted certificates than all other CAs combined. We hope that in the near future, clients will start using HTTPS as the default Web transport. Eventually, we may marvel that there was ever a time when Web traffic traveled over the Internet as plaintext.
Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web, Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, Pages 2473-2487 (DOI: 10.1145/3319535.3363192)
El Reg reports:
Hoping to expand the pool of Let's Encrypt testers, TrueCrypt audit project co-founder Kenneth White has run up a set of scripts to automate the process of installing certificates under the Mozilla-backed open CA.
White, co-director of the Open Crypto Audit Project, has posted the work at Github, here. He explains that the project is quite simple, consisting of Python scripts to "stand up the official Let's Encrypt certificate management ACME client tool" in the target environments.
These include Debian, Amazon's Linux (for AWS), CentOS, RedHat, and FreeBSD.
[...] White says [...] the official client "can be fragile and error-prone on some systems".
Having had to batter his own head against the client, White [...] says he cleaned up the process in his scripts to make Let's Encrypt more accessible to other users.
He warns against running either the Let's Encrypt client or his scripts in production systems:
"LE is still in beta and has some rough edges", White notes, "including silently invoking sudo and installing quite a few development packages".
Popular Bash shell script LetsEncrypt.sh, which is used to manage free SSL/TLS certificates from the Let's Encrypt project, was renamed this week to avoid a trademark row. This comes in the wake of Let's Encrypt successfully fending off Comodo, which tried to cynically snatch "Let's Encrypt" for itself.
LetsEncrypt.sh, written by Germany-based Lukas Schauer, is now known as Dehydrated. If you have scripts or apps that rely on pulling in his code and running it, they may stop working as a result of the name change. Dehydrated is developed independently by Schauer and is not officially affiliated with Let's Encrypt.
"This project was renamed from letsencrypt.sh because the original name was violating Let's Encrypt's trademark policy. I know that this results in quite a lot of installations failing but I didn't have a choice," reads the new Dehydrated README.
[...] Full disclosure: This article's author uses Let's Encrypt to provide HTTPS encryption for his personal websites. And you should use it too.
Let's Encrypt, a Certificate Authority (CA) managed by a non-profit organization whose members include Mozilla and the Electronic Frontier Foundation, among others, reached a milestone of 100 million issued certificates.
[...] When Let's Encrypt's service was first made available, less than 40% of the web was using HTTPS encryption, a milestone that took 20 years to reach, according to the nonprofit. Let's Encrypt has been available for less than two years, and due largely to its free service, 58% of the web now uses HTTPS encryption.
Let's Encrypt is the largest certificate authority by volume doling out more than 100,000 free domain certificates a day. The non-profit fulfills a noble mission of securing website communications that is applauded across the internet; it has raised the bar on SSL and TLS security, issuing 100 million HTTPS certificates as of June 2017.
However, despite industry accolades by privacy activists and praise from those in the security community for its mission, some critics are sounding alarm bells and warning that Let's Encrypt might be guilty of going too far, too fast, and delivering too much of a good thing without the right checks and balances in place.
[...] "Unsuspecting users might think they are communicating with trustworthy sites because the identity of the site has been validated by a CA, without realizing that these are just domain validation certificates with no assurance about the identity of the organization that owns the site," said Asif Karel, director of product management at Qualys.
[...] "Let's Encrypt can absolutely be abused," said Josh Aas, executive director of the Internet Security Research Group, the organization that oversees Let's Encrypt. "But so can't any other certificate authority. People act like Let's Encrypt is the first CA to be abused. This is preposterous."
[...] Jett and others applaud the accomplishments of Let's Encrypt, but believe the organization, founded by Mozilla, Cisco and the Electronic Frontier Foundation, is in a unique position to take a leadership role that could be used to crack down on certificate abuse when it comes to better vetting of applicants in order to weed out criminals.
Ars Technica reports:
In July of 2017, the nonprofit certificate authority Let's Encrypt promised to deliver something that would put secure websites and Web applications within reach of any Internet user: free "wildcard" certificates to enable secure HTTP connections for entire domains. Today, Let's Encrypt took that promised service live, in addition to a new version of the Automated Certificate Management Environment (ACME) protocol, an interface that can be used by a variety of client software packages to automate verification of certificate requests.
[...] Many hosting providers already support the registration of Let's Encrypt certificates to varying degrees. But Let's Encrypt's free certificate offering hasn't been snapped up by some larger hosting providers—such as GoDaddy—who also sell SSL certificates to their customers.
Let's Encrypt announced yesterday that they are now directly trusted by all major root certificate programs including those from Microsoft, Google, Apple, Mozilla, Oracle, and Blackberry. With this announcement, Let's Encrypt is now directly trusted by all major browsers and operating systems.
[...] At the end of July 2018, Let's Encrypt received direct trust from Microsoft products, which resulted in it being trusted by all major root programs. The CA's certificates are cross-signed by IdenTrust, and have been widely trusted since the beginning.
"Browsers and operating systems have not, by default, directly trusted Let's Encrypt certificates, but they trust IdenTrust, and IdenTrust trusts us, so we are trusted indirectly. IdenTrust is a critical partner in our effort to secure the Web, as they have allowed us to provide widely trusted certificates from day one," noted Josh Aas, Executive Director of ISRG.
[...] While some of these [older operating systems, browsers, and devices] are expected to be updated to trust the CA, others won't, and it might take at least five more years until most of them cycle out of the Web ecosystem. Until that happens, Let's Encrypt will continue to use a cross signature [from IdenTrust].
The free-to-use nonprofit was founded in 2014 in part by the Electronic Frontier Foundation and is backed by Akamai, Google, Facebook, Mozilla and more. Three years ago Friday, it issued its first certificate.
Since then, the numbers have exploded. To date, more than 380 million certificates have been issued on 129 million unique domains. That also makes it the largest certificate issuer in the world, by far.
Now, 75 percent of all Firefox traffic is HTTPS, according to public Firefox data — in part thanks to Let's Encrypt. That's a massive increase from when it was founded, where only 38 percent of website page loads were served over an HTTPS encrypted connection.
"Change at that speed and scale is incredible," a spokesperson told TechCrunch. "Let's Encrypt isn't solely responsible for this change, but we certainly catalyzed it."
Let's Encrypt to transition to ISRG root
Let's Encrypt have announced that on July 8th, 2019 they will begin issuing new certificates from their own intermediate CA and not their current cross-signed intermediate. Here's what that means and what action, if any, site operators need to take.
[...] Like all new CAs, Let's Encrypt began life with a cross-signature. Cross-signing is a trick that CAs can use to avoid the years long process of becoming a root CA. It genuinely does take many years to go through this process and Let's Encrypt wouldn't have been able to issue any certificates over the last 3+ years without a cross-sign.
[...] In short, Let's Encrypt currently issue from their cross-signed intermediate, which is issued to them by IdenTrust. IdenTrust have been a CA for many years and even old, legacy clients recognise them as a CA. When you get a certificate from Let's Encrypt right now it is issued by the cross-signed X3 intermediate which chains to the IdenTrust root. Now that Let's Encrypt's ISRG root is widely trusted, they can instead switch to issuing from their own X3 intermediate rather than the cross-signed one. This is a big step forwards for them and will likely not mean anything to the vast majority of their users. There are a few considerations though.
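The "considerations" come down to path building: a client does not match certificates by name alone, it looks for a certificate whose key signed the one it holds, and keeps going until it reaches a key in its own trust store. A cross-sign works because the X3 intermediate exists twice with the same subject and key but two different issuers, so there are two possible paths to two different roots. The following Python is an added example, not Scott Helme's code and not anything from Boulder or Let's Encrypt; the certificate names are the real ones (ISRG Root X1, the IdenTrust root DST Root CA X3, Let's Encrypt Authority X3), but the keys, secrets and "signatures" (a SHA-256 over a made-up secret and the to-be-signed fields) are stand-ins, not real X.509 or real cryptography. It shows the case that bites legacy clients: a trust store that only holds the IdenTrust root, offered the ISRG-signed intermediate instead of the cross-signed one.

```python
"""Model of X.509 path building across a cross-signed intermediate.

Added example; not Let's Encrypt's or Boulder's code. Signatures are a
stand-in (SHA-256 over the issuer's made-up secret and the TBS fields).
"""
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed per-key secrets: the key id plays the role of SKI/AKI, and a
# signature is checked against a key, not a name. That is why two certs can
# share subject and key but carry different issuers: that is a cross-sign.
SECRETS: Dict[str, str] = {
    "k-isrg-x1": "s1",   # ISRG Root X1
    "k-dst-x3": "s2",    # DST Root CA X3 (IdenTrust)
    "k-le-x3": "s3",     # Let's Encrypt Authority X3 (one key, two certs)
    "k-leaf": "s4",      # the site certificate
}


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    key_id: str          # like Subject Key Identifier
    issuer_key_id: str   # like Authority Key Identifier
    signature: str


def sign(tbs: Tuple[str, str, str, str], issuer_secret: str) -> str:
    """Stand-in signature over the to-be-signed fields."""
    return hashlib.sha256((issuer_secret + "|" + "|".join(tbs)).encode()).hexdigest()


def make_cert(subject: str, key_id: str, issuer: str, issuer_key_id: str,
              issuer_secret: Optional[str] = None) -> Cert:
    secret = SECRETS[issuer_key_id] if issuer_secret is None else issuer_secret
    tbs = (subject, issuer, key_id, issuer_key_id)
    return Cert(subject, issuer, key_id, issuer_key_id, sign(tbs, secret))


def verify_sig(cert: Cert, issuer_key_id: str) -> bool:
    """Check cert against the key it claims to be signed by."""
    tbs = (cert.subject, cert.issuer, cert.key_id, cert.issuer_key_id)
    return (cert.issuer_key_id == issuer_key_id
            and cert.signature == sign(tbs, SECRETS[issuer_key_id]))


ISRG_ROOT = make_cert("ISRG Root X1", "k-isrg-x1", "ISRG Root X1", "k-isrg-x1")
DST_ROOT = make_cert("DST Root CA X3", "k-dst-x3", "DST Root CA X3", "k-dst-x3")
# Same subject and key, two issuers: cross-signed X3 and ISRG-signed X3.
X3_CROSS = make_cert("Let's Encrypt Authority X3", "k-le-x3", "DST Root CA X3", "k-dst-x3")
X3_ISRG = make_cert("Let's Encrypt Authority X3", "k-le-x3", "ISRG Root X1", "k-isrg-x1")
LEAF = make_cert("example.com", "k-leaf", "Let's Encrypt Authority X3", "k-le-x3")


def build_path(leaf: Cert, presented: List[Cert], trust_anchors: List[Cert],
               depth: int = 0) -> Optional[List[Cert]]:
    """Depth-first path building: [leaf, ..., anchor], or None if no path.

    The next hop is looked up first in the trust store, then among the
    certificates the server presented; a hop counts only if its key is the
    one that signed the current certificate and the signature checks out.
    """
    if depth > 5:                      # guard against looping presented sets
        return None
    for anchor in trust_anchors:
        if anchor.key_id == leaf.issuer_key_id and verify_sig(leaf, anchor.key_id):
            return [leaf, anchor]
    for cand in presented:
        if cand is leaf:
            continue
        if cand.key_id == leaf.issuer_key_id and verify_sig(leaf, cand.key_id):
            rest = build_path(cand, presented, trust_anchors, depth + 1)
            if rest:
                return [leaf] + rest
    return None


def path_subjects(presented: List[Cert], trust_anchors: List[Cert]) -> Optional[List[str]]:
    """Subjects along the built path for presented[0], or None."""
    path = build_path(presented[0], presented, trust_anchors)
    return None if path is None else [c.subject for c in path]


if __name__ == "__main__":
    legacy_store, modern_store = [DST_ROOT], [ISRG_ROOT]
    print("legacy client, cross-signed chain:", path_subjects([LEAF, X3_CROSS], legacy_store))
    print("modern client, ISRG-signed chain: ", path_subjects([LEAF, X3_ISRG], modern_store))
    print("legacy client, ISRG-signed chain: ", path_subjects([LEAF, X3_ISRG], legacy_store))
```

The third line of output is the failure mode the post warns about: the legacy store has no key matching the ISRG-signed X3's issuer, so the path dead-ends. Sending both intermediates, or the client adding ISRG Root X1 to its store, restores a path.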
(Score: 2, Interesting) by Anonymous Coward on Tuesday November 19, @03:14PM (2 children)
And if so, what is the general impression?
(Score: 1, Informative) by Anonymous Coward on Tuesday November 19, @03:23PM
In (most?) modern browsers, you can click on the padlock and get all kinds of details, including (fairly prominently, I think) the name of the CA which issued the certificate. On this site, Let's Encrypt.
(Score: 3, Informative) by martyb on Tuesday November 19, @03:45PM
For the most part, yes. There may be a couple non-LE certs still in use, but for the majority of use cases, Let's Encrypt has been working fine for us.
It's generally available information, so feel free to take a look at these links if you are curious:
(I don't know why, but comment preview seems to de-HTML any attempt at providing a clickable link here.)
Though we could make it totally automated, given the problems that could arise if something went wrong, we prefer to automate only a portion of the process. We require manual intervention and verification before new certs get rolled out.
Wit is intellect, dancing.
(Score: 3, Interesting) by ikanreed on Tuesday November 19, @03:22PM (1 child)
It's not without reason to believe a hacker with temporary non-elevated control of a server couldn't successfully follow the automated process as part of an intrusion. Then you could effectively MITM that server for years, and no one would know about it.
(Score: 4, Interesting) by isostatic on Tuesday November 19, @03:31PM
First you would need to have control to serve pages on port 80. Let's assume you get that, LE Certificates are only valid for 90 days, so MITMing that server for "years" wouldn't be possible. You could do exactly the same with a certificate from elsewhere, except those certificates do last years (2 years)
You could do the same thing if you can hijack BGP too
Certificate transparency will show it up to your legitimate server admin, and your DNS admin can set a CAA record to prevent it from happening.
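To make the CAA defence from the comment above concrete, here is an added example (not Boulder's CAA code, and not from any commenter) that implements the RFC 8659 lookup and matching rules a CA applies before issuing: climb the DNS tree to the closest name with a CAA RRset, pick `issuewild` records for wildcard names when any exist and `issue` records otherwise, ignore parameters after `;`, and treat an empty issuer name as "nobody". The zone is a constructed in-memory dictionary rather than live DNS; `letsencrypt.org` is Let's Encrypt's real CAA identifier, while `otherca.example` and every name and record in the zone are made up for the example.

```python
"""Evaluate CAA (RFC 8659) issuance restrictions against an in-memory zone.

Added example; not Let's Encrypt's or Boulder's code. Zone contents are
constructed. The CAA flags byte (critical bit) and CNAME chasing are not
modelled; a real CA resolves the RRsets over DNS (ideally DNSSEC-validated).
"""
from typing import Dict, List, Tuple

# Constructed DNS data: name -> list of (property tag, value) CAA records.
# A name with no entry (or an empty list) has no CAA RRset.
ZONE: Dict[str, List[Tuple[str, str]]] = {
    "example.com": [
        ("issue", "letsencrypt.org"),              # only Let's Encrypt may issue
        ("issuewild", ";"),                         # nobody may issue wildcards
        ("iodef", "mailto:security@example.com"),  # where to report violations
    ],
    # A child name overriding its parent with a made-up CA and an account
    # parameter that any other CA must simply not match on.
    "legacy.example.com": [("issue", "otherca.example; account=230123")],
    # Only an iodef record: a CAA RRset exists but does not restrict issuance.
    "nocaa.example.org": [("iodef", "mailto:abuse@example.org")],
}


def parent(name: str) -> str:
    """Parent of a DNS name: 'www.example.com' -> 'example.com', 'com' -> ''."""
    return name.partition(".")[2]


def relevant_caa_set(zone: Dict[str, List[Tuple[str, str]]],
                     fqdn: str) -> Tuple[str, List[Tuple[str, str]]]:
    """Climb from fqdn towards the root (RFC 8659 section 3).

    Returns (name, records) for the first name that has a CAA RRset, or
    ('', []) if none does. A wildcard name is evaluated at its base name.
    """
    name = fqdn.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    while name:
        records = zone.get(name, [])
        if records:
            return name, records
        name = parent(name)
    return "", []


def issuer_domain(value: str) -> str:
    """issuer-domain-name of an issue/issuewild value, parameters dropped."""
    return value.split(";", 1)[0].strip().lower()


def caa_permits(zone: Dict[str, List[Tuple[str, str]]], fqdn: str, ca_domain: str) -> bool:
    """True if the CA identified by ca_domain may issue for fqdn."""
    is_wildcard = fqdn.startswith("*.")
    _, records = relevant_caa_set(zone, fqdn)
    if not records:
        return True  # no CAA anywhere up the tree: issuance is unrestricted
    issue = [v for tag, v in records if tag.lower() == "issue"]
    issuewild = [v for tag, v in records if tag.lower() == "issuewild"]
    if is_wildcard and issuewild:
        rules = issuewild   # issuewild takes precedence for wildcard names
    else:
        rules = issue       # issuewild is ignored for non-wildcard names
    if not rules:
        return True  # CAA present (e.g. only iodef) but no issuance restriction
    # An empty issuer-domain-name (the value ";") authorises nobody.
    return any(issuer_domain(v) == ca_domain.lower() for v in rules)


if __name__ == "__main__":
    for name, ca in [("www.example.com", "letsencrypt.org"),
                     ("www.example.com", "otherca.example"),
                     ("*.example.com", "letsencrypt.org"),
                     ("legacy.example.com", "letsencrypt.org"),
                     ("www.example.net", "letsencrypt.org")]:
        print(f"{ca:>16} -> {name:<20} permitted={caa_permits(ZONE, name, ca)}")
```

Note what CAA does and does not buy you in the scenario discussed in the thread: an attacker who controls port 80 on the host still passes HTTP-01 validation, but a record such as `example.com CAA 0 issue "otherca.example"` makes Let's Encrypt refuse to issue at all, and a record published at the DNS level cannot be changed from the compromised web server. Pair it with a CT log monitor so that a certificate that slips through is at least noticed.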