by LinuxBender 2551 days ago
The article does have some issues, but a compromised CA would certainly make MitM easier. Not passive, but certainly ssl-strip [1] / ssl-sniff options get much easier.

Pinning certs (HPKP) is too dangerous so very few people implement it. That means if I have a signing cert for any trusted CA, I can ssl-strip with ease. This really has nothing specific to do with Let's Encrypt however. Any trusted CA signing cert will do. Or even an unlocked server cert (missing constraints) will do.

[1] - https://moxie.org/software/sslstrip/

1 comments

Sure, the "passive" was what I was calling out as incorrect. And as you noted, a compromised trusted CA affects all domains. Which is another thing this article gets explicitly wrong.

> If DigiCert’s Key Management System is compromised, all of their SSL certificates will have to be revoked and re-issued. But if one of the other CAs is compromised, it would not affect Medium’s site.

Agreed. This is where folks must risk-rank their traffic contents and determine if HTTPS alone is enough, or if in some cases, encrypted payloads using other forms of encryption and trust are useful, i.e. gpg, psk, etc. Secure email is the first thing that comes to mind.