[Cryptography] New SSL/TLS certs to each live no longer than 47 days by 2029
Kent Borg
kentborg at borg.org
Wed Apr 16 07:20:43 EDT 2025

I'm not sure what to think of the 47-day limit, but the new six-day
certificates from Let's Encrypt seem a *really* dumb idea, and the two
things smell similar, so I am biased against this 47-day news.

My problem with six-day certificates is they turn Let's Encrypt into a
very scary single point of failure. Today, if Let's Encrypt went down
hard (or got taken over by some crazed billionaire who started taking a
sledge hammer to the place), a whole lot of folk would have to scramble,
and fast, for they would only have a few weeks to redo how they do
certificates. And that might not be enough time. (I worked for a company
that had *thousands* of certificates, constantly being renewed. A scary
proposition to turn all of those into something else and have nothing
mess up.)

With a six-day certificate, if Let's Encrypt had a serious failure, say,
on the Friday before a long weekend in the US, it would be extremely
bad. I know, I know, Let's Encrypt is immune to failures (the same way
online password managers are exempt from the rule that all software has
bugs), but for some reason I still worry.

------------------

It got me wondering, what does Let's Encrypt *do*? They don't certify
that RandomCompany.com is honest or real in any regard other than
(roughly) RandomCompany.com is slightly self-consistent in their
appearance, from different locations on the internet. So Let's Encrypt
issues a static document saying so, and now they want to issue that
document faster and faster and faster!

Then why a static document? This effectively turns into a completely
different protocol. So be honest and design that protocol! Some new
triangular protocol where TLS connections aren't between two hosts but
between two hosts plus a service that checks on the appearance of every
server out there, caching whether it seems consistent, and attesting to
new clients that it looks real.

Looks complicated? Well, shorter and shorter certificates are also
complicated, more complicated than Let's Encrypt appreciates.

Grrr.

-kb