[Cryptography] New SSL/TLS certs to each live no longer than 47 days by 2029
iang
iang at iang.org
Fri Apr 18 16:12:46 EDT 2025
On 18/04/2025 15:42, Kent Borg wrote:
> On 4/17/25 9:55 PM, Peter Gutmann wrote:
>
>> Bruce Schneier had a great quote around this at the time, something like "the
>> claim is that if we didn't have SSL [with all the PKI folderol], chaos would
>> result. Turn off SSL on your computer/server and watch the complete lack of
>> chaos that results".
>
> I also saw Schneier once say that there is no need for password bullet
> characters because shoulder-surfing is no longer a big problem. Except
> it is *because* of obscured password typing that shoulder-surfing is no
> longer such a problem. Sure, if one login didn't obscure password typing
> the world wouldn't end, but if all those bullets were turned to clear
> text on every login it would *become* a problem. (He did correct
> himself. He is human, but not an idiot.)
No, the world has changed. In the beginning, shoulder surfing was a threat because we were all using shared computers - student computer labs full of terminals, shops with Windows machines, etc. Now everyone has their own laptop more or less, and at least their own phone, and they are not doing their login process in what is effectively a public space.
Bear in mind also the economics of the attack. A shoulder surfer today would have to be lucky to get the right person, the right account, would have to make money off it, and would expose themselves to capture. Whereas back in the day, all accounts were good for something, it wasn't illegal, and student labs were just fun for stealing accounts.
So yes, shoulder surfing is *possible* but it's no longer probable because it's no longer economic. Practices change, and infosec should change with the times, but somehow becomes unequivocal lore passed down from father to son, master to acolyte ...
> I think the same is true of MitM attacks. One server going without
> SSL wouldn't be the end of the world either. But if all certificates
> went away MitM attacks would *become* a problem. (And all those
> fear-sold VPN products would finally have a reason.)
And, if all the certificates went away, just exactly how would that become a problem? Where in the chain of things would the dreaded bogeyman MITM lurk waiting to pounce?
Again, the economics: an MITM can successfully crack one account. These days, no attacker gets out of bed unless there are 6 figures or it's a targeted attack in which case no cert will protect the victim...
> The rickety certificate system does accomplish something, even if it
> isn't the best way to do so.
That's what we're saying :) it isn't the best way, and it does something: it blocks all the better ways that help the vast majority of people from the ordinary threats.
> -kb, the Kent who has this image in his head of certificate renewals
> spinning faster and faster until the system destroys itself, a bit like
> Iranian centrifuges spinning themselves to destruction, but in this case
> naïvely self-inflicted and not because of something malicious, a la Stuxnet.
Yeah, there's this inductive discussion of why 47 days. If that's good, then 23 days better. And 11 days even better. Why not every minute?
If you ask this question of the certificate industrial complex warriors, you can sense them putting on their twister uniforms behind the curtain.
iang
> P.S. No, I do not think Let's Encrypt will turn the expiration times
> down to a vanishingly small value. I think they will turn them down to
> some small value that they can sustain, and stop at that. That is, they
> will stop at a value they can sustain until there is a bump in the road,
> so to speak, and *then* the whole system flies apart in a spectacular
> way. At that point it doesn't have to be a DDoS attack, just that
> something goes wrong. And there is no way to keep things from going
> wrong. But there are ways to design systems so they are brittle or so
> that they are supple--whether they fail big or fail little--when things
> *do* go wrong.