[indolering]

That doesn't make it correct. Imagine if someone had said, "We don't need to secure HTTP, we'll just rely on E2E encryption and trust-on-first-use". I would really like it if we had a way to automatically cryptographically verify non-web protocols when they connect.

But there is no money in making that a solution and a TON of money in selling you BS HTTPS certs. There is a lot of people spreading FUD about it. It's a shame.

[bawolff]

> But there is no money in making that a solution and a TON of money in selling you BS HTTPS certs

Ah yes, because lets encrypt is rolling in the $$$$.

[indolering]

Mark Shuttleworth paid for his ride to the space station by selling HTTPS certs.

The sad thing is that Mozilla and others have to spend millions bankrolling Let's Encrypt instead of using the free, high assurance PKI that is native to the internet!

[ekr____]

It's not really free, though. Rather, the costs are distributed rather than centralized, but running DNSSEC and keeping it working incurs new operational costs for the domain holders, who need to manage keys and DNSSEC signing, etc. And of course there are additional marginal costs to the registrars of managing customer DNSSEC, both building automation and providing customer service when it fails.

It's of course possible that the total numbers are lower than the costs of the WebPKI -- I haven't run them -- but I don't think free is the right word.

[indolering]

I mean, I guess the costs are paid for by the domain name fee. But at least it doesn't have to be a charitable activity covered by non-profits. The early HTTPS certs were especially worthless and price-gouging.

[ekr____]

> But at least it doesn't have to be a charitable activity covered by non-profits.

LE isn't primarily funded by non-profits, as you can see from the sponsor list here: https://isrg.org/sponsors/

Anyway, I think there's a reasonable case that it would be better to have the costs distributed the way DNSSEC does, but my point is just that it's not free. Rather, you're moving the costs around. Like I said, it may be cheaper in aggregate, but I think you'd need to make that case.

[indolering]

> LE isn't primarily funded by non-profits, as you can see from the sponsor list here: https://isrg.org/sponsors/

I mean, Mozilla got the ball rolling and it's still run on donations (even if they come from private actors).

> Like I said, it may be cheaper in aggregate, but I think you'd need to make that case.

The PKI is already there: we have 7 people who can do a multisig for new root keys. There is a signing ceremony in a secure bunker somewhere that gets live streamed. The HSMs and servers are already paid for. Cert transparency/monitoring is nice but now it's hard-coded to HTTPS instead of being done more generically. There's a lot of duplicated effort.

[tptacek]

Yes, the whole point of LetsEncrypt was to prevent that from happening again, and it now dominates the market.