[Cryptography] New SSL/TLS certs to each live no longer than 47 days by 2029

Kent Borg kentborg at borg.org
Fri Apr 18 08:42:14 EDT 2025 

On 4/17/25 9:55 PM, Peter Gutmann wrote:
> Bruce Schneier had a great quote around this at the time, something like "the
> claim is that if we didn't have SSL [with all the PKI folderol], chaos would
> result.  Turn off SSL on your computer/server and watch the complete lack of
> chaos that results".

I also saw Schneier once say that there is no need for password bullet 
characters because shoulder-surfing is no longer a big problem. Except 
it is *because* of obscured password typing that shoulder-surfing is no 
longer such a problem. Sure, if one login didn't obscure password typing 
the world wouldn't end, but if all those bullets were turned to clear 
text on every login it would *become* a problem.  (He did correct 
himself. He is human, but not an idiot.)

I think the same is true of with MitM attacks. One server going without 
SSL wouldn't be the end of the world either. But if all certificates 
went away MitM attacks would *become* a problem. (And all those 
fear-sold VPN products would finally have a reason.)

The rickety certificate system does accomplish something, even if it 
isn't the best way to do so.


-kb, the Kent who has this image in his head of certificate renewals 
spinning faster and faster until the system destroys itself, a bit like 
Iranian centrifuges spinning themselves to destruction, but in this case 
naïvely self-inflicted and not because of something malicious, a la Stuxnet.


P.S. No, I do not think Let's Encrypt will turn the expiration times 
down to a vanishingly small value. I think they will turn them down to 
some small value that they can sustain, and stop at that. That is, they 
will stop at a value they can sustain until there is a bump in the road, 
so to speak, and *then* the whole system flies apart in a spectacular 
way. At that point it doesn't have to be a DDoS attack, just that 
something goes wrong. And there is no way to keep things from going 
wrong. But there are ways to design systems so they are brittle or so 
that they are supple--whether they fail big or fail little--when things 
*do* go wrong.

More information about the cryptography mailing list