
Be Careful: Millions of "Let's Encrypt" SSL Certificates will be revoked!


Pay.My.id

Due to a bug in its CAA code, Let's Encrypt, the free SSL certificate authority, will revoke 3 million SSL certificates! Unless you renew your certificate before the revocation, your website users will see a RED SECURITY warning on your websites. That is a sign that could push your customers away from you, and I think you want to avoid it.
 
The views expressed on this page by users and staff are their own, not those of NamePros.
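The "bug in CAA code" the opening post refers to is worth seeing concretely. RFC 8659 requires a CA, before issuing, to find the closest CAA record set by walking up the DNS tree from each requested name and to do that for every name in the request; Let's Encrypt's incident report described its rechecking code picking one name from a multi-name order and checking it repeatedly instead of checking each name, which is why so many certificates had to be revoked. The following is an added example written for this page, not code from the thread or from Let's Encrypt. It evaluates CAA `issue` records over a constructed in-memory zone with hypothetical names (CNAME following and `issuewild` are left out), and contrasts a correct per-name check with a function that models the one-name-N-times mistake so the gap a regression test has to cover is visible.

```python
"""CAA evaluation (RFC 8659) over a constructed, in-memory DNS zone.

Added example; not code from this thread or from Let's Encrypt.  A CA must
find the closest CAA record set by walking up the DNS tree from each name it
is asked to issue for, and must do that for *every* name in the request.
CNAME following and the issuewild property are left out for brevity.
"""

# Constructed DNS data: owner name -> list of (flags, tag, value) CAA records.
# Names absent from the dict hold no CAA records.  All names are hypothetical.
ZONE = {
    "example.com.":      [(0, "issue", "letsencrypt.org")],
    "shop.example.com.": [(0, "issue", "digicert.com")],
    "example.net.":      [(0, "issue", ";")],   # ";" alone: no CA may issue
    # "example.org." and everything under it: no CAA records at all
}


def lookup_caa(name, zone=ZONE):
    """Return (owner, records) for the closest ancestor-or-self that has CAA
    records, or (None, []) if the whole path up to the root is empty."""
    labels = name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:]) + "."
        if candidate in zone:
            return candidate, zone[candidate]
    return None, []


def caa_permits(name, ca_domain, zone=ZONE):
    """True if the CA identified by ca_domain may issue a non-wildcard
    certificate for name under the relevant CAA record set."""
    _, records = lookup_caa(name, zone)
    issue_values = [value for _flags, tag, value in records if tag == "issue"]
    if not issue_values:
        return True          # no issue property anywhere: any CA may issue
    for value in issue_values:
        # value is "<issuer-domain>[; parameters]"; an empty issuer domain
        # (the value ";") means nobody is authorized
        issuer_domain = value.split(";", 1)[0].strip().lower()
        if issuer_domain and issuer_domain == ca_domain.lower():
            return True
    return False


def authorize_request(names, ca_domain, zone=ZONE):
    """Correct behaviour: evaluate CAA for each requested name and return
    a mapping name -> permitted."""
    return {n: caa_permits(n, ca_domain, zone) for n in names}


def authorize_request_buggy(names, ca_domain, zone=ZONE):
    """Models the class of mistake behind the 2020 Let's Encrypt revocation:
    the first name is checked len(names) times and its verdict is applied
    to every name.  Kept only to show what a regression test must catch."""
    verdict = all(caa_permits(names[0], ca_domain, zone) for _ in names)
    return {n: verdict for n in names}


if __name__ == "__main__":
    order = ["www.example.com", "shop.example.com"]
    print("correct:", authorize_request(order, "letsencrypt.org"))
    print("buggy:  ", authorize_request_buggy(order, "letsencrypt.org"))
```

Running it shows the correct evaluator refusing `shop.example.com` (whose own CAA record names a different CA, which overrides the parent's record) while the buggy evaluator reports the whole order as permitted because it only ever looked at `www.example.com`.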
I am surprised that, for the many spam, scam and phishing sites that use a free Let's Encrypt cert, browsers still accept them without even so much as a notice to the user that the identity of the site owner has not been verified.
 
I am surprised that, for the many spam, scam and phishing sites that use a free Let's Encrypt cert, browsers still accept them without even so much as a notice to the user that the identity of the site owner has not been verified.

Alternatively, we could use free Cloudflare SSL, or another trusted free SSL.
 
Alternatively, we could use free Cloudflare SSL, or another trusted free SSL.

That's good enough for a personal site, but for a business site, especially one that has a login and/or credit card processing, I still think it's worth it to buy an OV (Organization Validation) certificate, which proves the identity of the website owner too.
 
I am surprised that, for the many spam, scam and phishing sites that use a free Let's Encrypt cert, browsers still accept them without even so much as a notice to the user that the identity of the site owner has not been verified.

That's because the paid ones don't require identity verification either. They're just domain validated and let you know you're on a secure, encrypted connection. Nothing more, nothing less.
 
Though it goes without saying, these comments reflect my own experience and opinions, not those of NamePros.

I am surprised that, for the many spam, scam and phishing sites that use a free Let's Encrypt cert, browsers still accept them without even so much as a notice to the user that the identity of the site owner has not been verified.

DV certificates make no assertion about identity or intentions of the entity in control of a website. It was just as trivial for attackers to get DV certificates prior to Let's Encrypt. LE wasn't the first to provide free DV certificates, and they won't be the last.

DV certificates offer encryption and authentication of the domain--hence the name "domain validation" (DV). They do not authenticate the entity controlling the domain. It's vital that all websites be able to easily obtain and implement at least DV certificates.

Let's Encrypt has a stellar record, and this occurrence is a testament to that. Other notable CAs that often charge quite a bit for their certificates have gotten in big trouble because they made far more serious mistakes and refused to respond appropriately.

Edit: Keep in mind that Let's Encrypt is a strong proponent of certificate transparency. That is a far more effective mitigation for abuse than a small annual fee that someone can pay with a stolen credit card.

OV SSL is one of the best options, better than standard SSL

OV certificates make very little difference. You may be thinking of EV, but even then the efficacy is dubious at best.
 
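The distinction drawn above (DV authenticates only the domain, OV and EV add an asserted organization identity, and the browser draws the same lock regardless) comes down to which subject attributes the CA put in the certificate. Here is an added example, not code from this thread, that classifies a certificate from the dict Python's `ssl.SSLSocket.getpeercert()` returns and also reports how many days it has left, which is the check the opening post is asking everyone to do before the revocation. The sample certificates, host names, issuers and dates are constructed; the EV-only subject fields (`businessCategory`, `serialNumber`, `jurisdictionCountryName`) are the ones the CA/Browser Forum EV Guidelines require, but the authoritative EV marker is the policy OID in `certificatePolicies`, which `getpeercert()` does not expose, so treat the level as a heuristic.

```python
"""Classify a certificate as DV / OV / EV from its subject, and compute how
long it has left.

Added example; not code from this thread.  It operates on the dict that
Python's ssl.SSLSocket.getpeercert() returns, so it runs offline on the
constructed samples below and, through fetch_peer_cert(), on a live host.
The host names, issuers and dates in the samples are hypothetical.
"""
import socket
import ssl
import time

# Subject attributes the CA/Browser Forum EV Guidelines require in an EV
# certificate, on top of the organizationName that OV certificates also carry.
EV_REQUIRED = {"businessCategory", "serialNumber", "jurisdictionCountryName"}


def subject_fields(cert):
    """Flatten getpeercert()'s nested subject tuples into a plain dict."""
    return {key: value for rdn in cert.get("subject", ()) for key, value in rdn}


def validation_level(cert):
    """DV asserts no organization, OV asserts one, EV adds the registration
    and jurisdiction fields.  Heuristic: the authoritative EV marker is the
    policy OID in certificatePolicies, which getpeercert() does not expose."""
    fields = subject_fields(cert)
    if "organizationName" not in fields:
        return "DV"
    if EV_REQUIRED.issubset(fields):
        return "EV"
    return "OV"


def issued_by_lets_encrypt(cert):
    """True if the issuer's organizationName is Let's Encrypt."""
    return any(value == "Let's Encrypt"
               for rdn in cert.get("issuer", ()) for key, value in rdn
               if key == "organizationName")


def issued_at(cert):
    """notBefore as seconds since the epoch (UTC)."""
    return ssl.cert_time_to_seconds(cert["notBefore"])


def days_left(cert, now=None):
    """Days until notAfter; negative once the certificate has expired."""
    if now is None:
        now = time.time()
    return (ssl.cert_time_to_seconds(cert["notAfter"]) - now) / 86400


def report(cert, now=None):
    """Summary a renewal script can act on."""
    return {
        "level": validation_level(cert),
        "lets_encrypt": issued_by_lets_encrypt(cert),
        "days_left": round(days_left(cert, now), 1),
    }


def fetch_peer_cert(host, port=443, timeout=5.0):
    """Fetch a live host's certificate (network required; the offline
    samples below do not use it)."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


# Constructed samples in getpeercert() form.
DV_CERT = {
    "subject": ((("commonName", "shop.example.com"),),),
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Let's Encrypt"),),
               (("commonName", "R3"),)),
    "notBefore": "Mar  1 12:00:00 2020 GMT",
    "notAfter": "May 30 12:00:00 2020 GMT",      # 90-day lifetime
}
OV_CERT = {
    "subject": ((("countryName", "US"),),
                (("organizationName", "Example Shop Inc"),),
                (("commonName", "shop.example.com"),)),
    "issuer": ((("organizationName", "Example CA"),),),
    "notBefore": "Jan  1 00:00:00 2020 GMT",
    "notAfter": "Jan  1 00:00:00 2021 GMT",
}
EV_CERT = {
    "subject": ((("jurisdictionCountryName", "US"),),
                (("businessCategory", "Private Organization"),),
                (("serialNumber", "0000000"),),
                (("countryName", "US"),),
                (("organizationName", "Example Shop Inc"),),
                (("commonName", "shop.example.com"),)),
    "issuer": ((("organizationName", "Example CA"),),),
    "notBefore": "Jan  1 00:00:00 2020 GMT",
    "notAfter": "Jan  1 00:00:00 2021 GMT",
}

if __name__ == "__main__":
    for cert in (DV_CERT, OV_CERT, EV_CERT):
        print(subject_fields(cert)["commonName"], report(cert, issued_at(cert)))
```

All three samples carry the same `commonName`, which is the point of the thread: nothing a user sees in the address bar separates them, and only the subject's asserted organization (and, properly, the policy OID) differs.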

DV certificates make no assertion about identity or intentions of the entity in control of a website. It was just as trivial for attackers to get DV certificates prior to Let's Encrypt. LE wasn't the first to provide free DV certificates, and they won't be the last.

DV certificates offer encryption and authentication of the domain--hence the name "domain validation" (DV). They do not authenticate the entity controlling the domain. It's vital that all websites be able to easily obtain and implement at least DV certificates.

Let's Encrypt has a stellar record, and this occurrence is a testament to that. Other notable CAs that often charge quite a bit for their certificates have gotten in big trouble because they made far more serious mistakes and refused to respond appropriately.

Edit: Keep in mind that Let's Encrypt is a strong proponent of certificate transparency. That is a far more effective mitigation for abuse than a small annual fee that someone can pay with a stolen credit card.



OV certificates make very little difference. You may be thinking of EV, but even then the efficacy is dubious at best.

Yes, I mean EV. Thanks to @Paul Buonopane for correcting it.
 

DV certificates make no assertion about identity or intentions of the entity in control of a website. It was just as trivial for attackers to get DV certificates prior to Let's Encrypt. LE wasn't the first to provide free DV certificates, and they won't be the last.

DV certificates offer encryption and authentication of the domain--hence the name "domain validation" (DV). They do not authenticate the entity controlling the domain. It's vital that all websites be able to easily obtain and implement at least DV certificates.

Let's Encrypt has a stellar record, and this occurrence is a testament to that. Other notable CAs that often charge quite a bit for their certificates have gotten in big trouble because they made far more serious mistakes and refused to respond appropriately.

Edit: Keep in mind that Let's Encrypt is a strong proponent of certificate transparency. That is a far more effective mitigation for abuse than a small annual fee that someone can pay with a stolen credit card.



OV certificates make very little difference. You may be thinking of EV, but even then the efficacy is dubious at best.

I think the biggest problem is that in addition to only being DV, LE certs cost nothing, and probably get 0 human review even after the fact. Reminds me of something I heard recently:

Research conducted back on March 20th, 2017 revealed that Let’s Encrypt had issued 15,270 "PayPal" certificates -- certificates either containing the term “PayPal” or some visual look-alike phrase. The actual "PayPal" certificate is an extended validation EV cert obtained, as is mine, from DigiCert. Imagine how PayPal feels about having 15,270 lookalike certificates issued to secure spoofing domains created to confuse their users. And this is why I believe it would be useful and meaningful to users to have our web browsers indicate when a website is being protected by a certificate that was obtained by an organization that some human took a few minutes to verify and vet.
(Source: https://www.grc.com/sn/sn-756-notes.pdf, p. 2)
 

DV certificates make no assertion about identity or intentions of the entity in control of a website. It was just as trivial for attackers to get DV certificates prior to Let's Encrypt. LE wasn't the first to provide free DV certificates, and they won't be the last.

DV certificates offer encryption and authentication of the domain--hence the name "domain validation" (DV). They do not authenticate the entity controlling the domain. It's vital that all websites be able to easily obtain and implement at least DV certificates.

Let's Encrypt has a stellar record, and this occurrence is a testament to that. Other notable CAs that often charge quite a bit for their certificates have gotten in big trouble because they made far more serious mistakes and refused to respond appropriately.

Edit: Keep in mind that Let's Encrypt is a strong proponent of certificate transparency. That is a far more effective mitigation for abuse than a small annual fee that someone can pay with a stolen credit card.



OV certificates make very little difference. You may be thinking of EV, but even then the efficacy is dubious at best.

So what is the best or most authoritative for ecommerce and other password protected websites?
 
So what is the best or most authoritative for ecommerce and other password protected websites?

I think @Paul Buonopane would agree that the best is Extended Validation (EV), but those do not come cheap. And unfortunately the browsers have stopped marking EV certs, which IMO was an important trust signal to users (see https://www.computerworld.com/artic...expunge-extended-validation-cert-signals.html).

OV, or Organization Validation, is a middle ground that requires some verification of who the website operator is, but not as in-depth as EV, and it didn't include the additional visual green bar that EV once did.
 
It really doesn't matter. If you want to run a scam, an EV is just as easy to obtain as a DV. It costs money and leaves an additional trail, so you'll see fewer phishing sites using an EV, but technically there's no difference.

If you were to run a proper scam an EV is actually the way to go.

Don't trust a site just because it's using TLS/SSL. Those days have long gone.
 
It really doesn't matter. If you want to run a scam, an EV is just as easy to obtain as a DV. It costs money and leaves an additional trail, so you'll see fewer phishing sites using an EV, but technically there's no difference.

If you were to run a proper scam an EV is actually the way to go.

Don't trust a site just because it's using TLS/SSL. Those days have long gone.

I feel your opinion is relevant; we need more than SSL or whatever people call the online trust standard. Reputation isn't about SSL; it's only one trust signal.
 
It really doesn't matter. If you want to run a scam, an EV is just as easy to obtain as a DV. It costs money and leaves an additional trail, so you'll see fewer phishing sites using an EV, but technically there's no difference.

If you were to run a proper scam an EV is actually the way to go.

Don't trust a site just because it's using TLS/SSL. Those days have long gone.

There's a lot of verification required for an EV certificate. Not bulletproof, but not trivial either.

For example you need to provide one of:

  1. Your company’s Dun & Bradstreet number
  2. A letter from a Certified Public Accountant to verify your business
  3. A letter registering a legal opinion, or a letter from a Latin Notary, to confirm your EV request.
  4. (For government entities only) A legal opinion letter verifying a government organization
Then the following checks are performed:

  • Verify Legal Existence and Identity by verifying the organization registration directly with the incorporating or registration agency.
  • Verify Trade/Assumed Name (if necessary) - this is only applicable if the company does business under a name which is different from the official name of their corporation. The company’s trade name must be registered and verifiable.
  • Verify Operational Existence – typically this means confirming that the company has a current active demand deposit account with a regulated financial institution to verify that the company is able to conduct business operations.
  • Verify Physical Existence through the company’s address and organization phone number.
  • Verify Domain Ownership via a WHOIS search.
  • Verify the name, title, authority and signature of the person(s) involved in requesting the certificate and agreeing to the terms and conditions.
From: https://www.ssl.com/faqs/what-are-the-requirements-for-ssl-com-ev-certificates/

Generally OV are much simpler but at least are a little more robust than just a DV.
 
There's a lot of verification required for an EV certificate. Not bulletproof, but not trivial either.

For example you need to provide one of:

  1. Your company’s Dun & Bradstreet number
  2. A letter from a Certified Public Accountant to verify your business
  3. A letter registering a legal opinion, or a letter from a Latin Notary, to confirm your EV request.
  4. (For government entities only) A legal opinion letter verifying a government organization
Then the following checks are performed:

  • Verify Legal Existence and Identity by verifying the organization registration directly with the incorporating or registration agency.
  • Verify Trade/Assumed Name (if necessary) - this is only applicable if the company does business under a name which is different from the official name of their corporation. The company’s trade name must be registered and verifiable.
  • Verify Operational Existence – typically this means confirming that the company has a current active demand deposit account with a regulated financial institution to verify that the company is able to conduct business operations.
  • Verify Physical Existence through the company’s address and organization phone number.
  • Verify Domain Ownership via a WHOIS search.
  • Verify the name, title, authority and signature of the person(s) involved in requesting the certificate and agreeing to the terms and conditions.
From: https://www.ssl.com/faqs/what-are-the-requirements-for-ssl-com-ev-certificates/

Generally OV are much simpler but at least are a little more robust than just a DV.

Agreed.

In writing it looks like a big deal, but once you enter the black hat world it's definitely not that hard to pull it off for a 'fake' entity.

I use a couple of them (EVs) as they're not that expensive but don't see a need for them for the majority of users.
 
Personally, saying that using SSL is secure isn't false, but it's also not strictly true. It's one piece of cybersecurity which is, on the face of it, one of the easiest security features to identify, especially from a web-crawler point of view.
 
Agreed.

In writing it looks like a big deal, but once you enter the black hat world it's definitely not that hard to pull it off for a 'fake' entity.

I use a couple of them (EVs) as they're not that expensive but don't see a need for them for the majority of users.

I agree; I usually stick with OV. Perhaps if my site were popular enough that I thought it had more of a risk of being targeted by fakes, I would probably go for EV then.
 
I think the biggest problem is that in addition to only being DV, LE certs cost nothing, and probably get 0 human review even after the fact.

The cost means nothing. Money hasn’t proven to be an effective barrier—if you’re setting up a phishing site, why not just use stolen credit cards to pay the fees?

Let’s Encrypt uses CT, which means everything they do is scrutinized, both by humans and automated systems. That’s why it’s possible to say exactly how many PayPal-related phishing scams have utilized Let’s Encrypt’s certificates. Take a look at Symantec’s record—they charged a lot of money for their services, yet the list of problems is quite long.

It really doesn't matter. If you want to run a scam, an EV is just as easy to obtain as a DV. It costs money and leaves an additional trail, so you'll see fewer phishing sites using an EV, but technically there's no difference.

If you were to run a proper scam an EV is actually the way to go.

Don't trust a site just because it's using TLS/SSL. Those days have long gone.

This—although those days never existed. Let’s Encrypt has substantially raised the bar in terms of both security and auditing, but the use of TLS does not and never has said anything about the reputation of a site. EV is mostly pointless beyond checking the boxes when it comes to compliance.

Getting an illegitimate EV cert really isn’t that hard, but nobody bothers because it’s mostly pointless.
 
The cost means nothing. Money hasn’t proven to be an effective barrier—if you’re setting up a phishing site, why not just use stolen credit cards to pay the fees?

That's where effective fraud prevention by the CAs comes in. Granted, better revocation support via OCSP Stapling would be helpful for fraudulent transactions identified after the fact.
 
More data from Let's Encrypt: Updated 2020-03-05: Of the original 3,048,289 certificates that were affected, over 1.7M have been replaced and revoked. There are more than 1M whose status is either unknown or not replaced. Of the original 3M affected certificates, about 1M were duplicates of other affected certificates, in the sense of covering the same set of domain names.
 
That's where effective fraud prevention by the CAs comes in. Granted, better revocation support via OCSP Stapling would be helpful for fraudulent transactions identified after the fact.

OCSP is useless and revocation is broken. Chrome has already dropped support for OCSP and CRLs. They have a list of high-profile revocations (CRLsets), and that’s it. Take https://www.yescalifornia.org/ for example (disclaimer: this is not an endorsement). A friend linked me to them the other day. Much to my surprise, he could access the site, but I couldn’t. Why? GoDaddy, the CA, has revoked their certificate, but Chrome, the most popular browser, doesn’t know or care. I was using Firefox, which attempted a CRL check and saw the revocation; he was using Chrome.

TLS is for encryption and rudimentary domain authentication—any other assertions or guarantees are largely myths or security theater. Certificates are, for most purposes, effectively irrevocable; that’s why Let’s Encrypt’s short certificate lifespan, use of CT, and strong automated authentication are such a big improvement over competition. Yes, there will be bugs from time to time, but even with all their transparency, their record is still quite good.
 
I don't understand this topic, but I don't "trust" any SSL, because those which are really secure, I mean without backdoors, may be blocked by browsers. How can a normal person, who is not an expert, know what the hell is happening? You have to surrender to do business, but you won't have full control then. Browsers and certs need to be made more democratic, I mean open source.
 
I don't understand this topic, but I don't "trust" any SSL, because those which are really secure, I mean without backdoors, may be blocked by browsers. How can a normal person, who is not an expert, know what the hell is happening? You have to surrender to do business, but you won't have full control then. Browsers and certs need to be made more democratic, I mean open source.

For the most part, everything involved is open source and transparent, at least with a modern CA like Let’s Encrypt.

As a normal user, you should be expecting all the sites you use to use TLS (formerly known as SSL). You want to see that lock icon in your browser. It doesn’t matter what the site is—you want to see that lock. That does not mean the site is trustworthy—it just means you are being protected against certain kinds of attacks.

It’s like locking your doors in a rough neighborhood. Sure, there are other ways to get in, but you’re decreasing your chances of being victimized.

A lock icon in the address bar makes no assertion about the trustworthiness of a site. Lack of a lock icon—or a red “not secure” icon—is a good indication that you should avoid providing that site with any information; there’s no excuse for a site to avoid TLS when it’s easy and free.
 
It’s like locking your doors in a rough neighborhood. Sure, there are other ways to get in, but you’re decreasing your chances of being victimized.

Nice analogy. Will be quoting you :)
 
OCSP is useless and revocation is broken.

Which is why I said OCSP Stapling, which solves a lot of the problems with regular OCSP but mostly isn't implemented yet. But once it is, it'll solve that problem.
 
I mean, years ago, we used self-signed SSL for our own use, and offered non-SSL login for non-admin users. It worked well, because we didn't require any critical info... If we used such a self-signed certificate, in today's browsers we wouldn't be able to log in... I know this all depends on the difficulty of factorizing big numbers into their prime factors, but there must be some details in practice, and the devil might be in those details. There might be totally trustable services, but it is impossible to know which ones are, and if you use your own cert, then the browser prevents access; this is what makes me angry. I mean you can probably protect yourself against everyone except big bro, but this may not be enough.
 