by Zikes 4083 days ago
You can get MITM'd at every single switch or router your traffic passes through, not just one attacker. That includes your government, other governments, the company running the public wifi you're connected to, your ISP, everyone.

In fact, some of them would probably do it wholesale. If PRISM doesn't already have a google.com MITM-ready certificate, they sure as hell would once we dropped the CA trust system.

> and an expired certificate is still invalid.

> ...for no good reason whatsoever.

For very good reason. The certificate system is built on trust, and as soon as the expiry point is reached, that certificate and the identity it represents are no longer vouched for by the CA.

1 comment

I'm not advocating getting rid of the web of trust system - it has a reason to exist. What I am advocating is the burning to a smoking, lifeless crater of the current system of CAs and their mafia-like relationship with their customers. ("Gee, that's a nice website you have there, would be a shame if all your visitors got scary, misleading warnings...")

Let's Encrypt is a great first step towards that. If certs are issued by a known good actor with no perverse incentives, most of the other problems I'm complaining about completely go away, or at least become a lot less problematic, and as a nice side benefit, the Startcoms and the Verisigns of the world get to do something more productive with their time.

As to the expiration, that is a completely arbitrary and bureaucratic distinction, not a practical one. Your domain doesn't stop being owned by you and your private key doesn't lose its qualities just because the date is D+1d.

The entire concept of expiring certs could be removed from the web SSL system with no ill impact.

Look at it this way:

* If the idea was to protect against key compromise, a rekey would be required - it isn't.

* If the idea was to re-verify your identity, renewing a cert would be more involved than logging in and pasting a CSR - it isn't. And that goes double when the cert is only for domain validation and doesn't vouch for anything other than the fact that the guy who generated the CSR had access to the server the domain points at when the cert was generated.

Both of these are practical concerns that are completely ignored - so what reasons are left?
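On the verifier's side, the "D+1d" point above comes down to a clock comparison: the key, the signature and the chain are identical on both days, and a TLS client rejects the certificate only because notAfter has passed. The Go program below is an added example written for this page, not code from the thread or from any project it mentions. It generates a throwaway root and a leaf for the constructed name example.test (both keys are fresh and nothing here is a real certificate), then runs standard chain validation with the verifier's clock pinned one hour after issuance and again one day after expiry, and shows the second check failing with the x509.Expired reason code.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// MakeTestChain builds a throwaway root CA and a leaf for the constructed
// name "example.test" whose validity window is exactly [issued, expires].
// Both keys are generated on the spot; this is test data, not a real chain.
func MakeTestChain(issued, expires time.Time) (leaf, root *x509.Certificate, err error) {
	rootKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	rootTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Constructed Test Root"},
		NotBefore:             issued.Add(-time.Hour),
		NotAfter:              expires.Add(10 * 365 * 24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	rootDER, err := x509.CreateCertificate(rand.Reader, rootTmpl, rootTmpl, &rootKey.PublicKey, rootKey)
	if err != nil {
		return nil, nil, err
	}
	root, err = x509.ParseCertificate(rootDER)
	if err != nil {
		return nil, nil, err
	}

	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	leafTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: "example.test"},
		DNSNames:     []string{"example.test"},
		NotBefore:    issued,
		NotAfter:     expires,
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	leafDER, err := x509.CreateCertificate(rand.Reader, leafTmpl, root, &leafKey.PublicKey, rootKey)
	if err != nil {
		return nil, nil, err
	}
	leaf, err = x509.ParseCertificate(leafDER)
	return leaf, root, err
}

// VerifyAt performs the same chain validation a TLS client does for a
// server named example.test, with the verifier's clock pinned to now.
func VerifyAt(leaf, root *x509.Certificate, now time.Time) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	_, err := leaf.Verify(x509.VerifyOptions{
		DNSName:     "example.test",
		Roots:       roots,
		CurrentTime: now,
		KeyUsages:   []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	})
	return err
}

// IsExpiredError reports whether err is the verifier's validity-period
// rejection. Go uses the same reason code for "not yet valid".
func IsExpiredError(err error) bool {
	var invalid x509.CertificateInvalidError
	return errors.As(err, &invalid) && invalid.Reason == x509.Expired
}

func main() {
	issued := time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC)
	expires := issued.Add(90 * 24 * time.Hour) // constructed 90-day window
	leaf, root, err := MakeTestChain(issued, expires)
	if err != nil {
		panic(err)
	}
	// Same certificate, same key, same signature: only the clock differs.
	for _, now := range []time.Time{issued.Add(time.Hour), expires.Add(24 * time.Hour)} {
		err := VerifyAt(leaf, root, now)
		fmt.Printf("verify at %s: err=%v expired=%v\n", now.Format(time.RFC3339), err, IsExpiredError(err))
	}
}
```

The rejection is enforced by the relying party, not by the CA, which is why an expired leaf still passes a raw signature check and only fails once validity is consulted; for a defender that makes notAfter on your own endpoints a thing to monitor rather than something to discover from client warnings.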