[Cryptography] New SSL/TLS certs to each live no longer than 47 days by 2029

iang iang at iang.org
Tue Apr 22 04:35:31 EDT 2025


On 22/04/2025 01:41, Ron Garret wrote:

>> On Apr 21, 2025, at 2:38 PM, iang via cryptography
>> <cryptography at metzdowd.com>
>> wrote:
>>
>> On 20/04/2025 18:13, Kent Borg wrote:
>>
>>> I thought I saw someone here shrugging off the risk of MitM attacks. Be careful.
>>
>> 'twas me, heretic in chief.
>>
>> The issue here is that SSL was brought in (from v1 to v2) because of the claim that MITMs would eat our lunch. That was an unevidenced claim, and since then, there has been no evidence that the MITM attack justifies that level of defence.
>
> But that's because the defense is in place.  It's plausible that the reason we're not seeing MITM attacks is because the defense is effective.

Entirely plausible, as is the alternate argument - it's not happening because it's not economic. The question is, where's the evidence that tells it is one or the other?

>> I'm not saying it does or doesn't - I'm saying we don't know.
>
> That's kind of like saying that until you actually try jumping off the Eiffel Tower you can't know for certain whether or not you will plummet to your death, and so until someone actually does this experiment the guard rails are useless.

Well, no, it's not like that at all. We have heaps of evidence of people jumping and dying, it's a known phenomenon and happens all the time.

It's more like saying, we know that knives are sharp, and they can be used to kill people. So do we impose rules on who can have sharp knives? Obviously, if we impose these rules, then ... proponents of the rules will say "Look! they're obviously working! Less people are being killed."

>>> An awful lot of users connect via wifi, and, as flawed as the
>>> certificate system is, it makes it hard for random evil hotspots to
>>> pretend to be your bank or your e-mail. If we were back at plain http
>>> these attacks would be a big problem. The system does work…to the extent
>>> it works.
>>
>> Which is (1) the evidence-free assertion. Are we protecting ourselves against a rainbow unicorn attack? It matters less if the defence works than if rainbow unicorns actually do attack.
>
> But you don't have to posit rainbow unicorns.  All you need is a script kiddie with a Raspberry Pi, and those are not mythical creatures.  It seems pretty implausible that no one would attempt MITM attacks if it were possible to conduct them with low effort and low risk.

On that last point, for sure they have been attempted. But the attackers gave up and moved to better techniques. E.g., see below.

>> One example: SSH was born because people discovered that internal attackers were eavesdropping root passwords on ethernet LANs, and hacking into machines. So RSH was updated to add keys & crypto. Problem solved correctly, because attacks were happening, and the solution stopped those attacks.
>
> The stakes are much higher now.  Suggesting that MITM mitigation is useless until people actually start getting their bank account compromised on the regular seems pretty irresponsible to me.

Well, it's the state of the world we live in - phishing is an MITM, just a different sort. And when it turned up, the browsers, the CAs, the mail & web providers were all pretty unified in ignoring it. They all felt it wasn't their problem, someone else was "clearly" to blame. And they were too busy defending against the MITM that wasn't happening to seriously consider the MITM that was happening. Very responsible people, they even organised CABForum to make sure this sort of thing got taken seriously.

> I also at this point feel the need to point out that your hypothesis is *quite literally* a conspiracy theory.

You know the meta-conspiracy theory about conspiracy theories, right? That the term was invented by the CIA to teach the media to downgrade anyone sniffing around their black ops and potentially ruining their dirty little game? It works a treat, once someone is tagged as a conspiracy theorist, their words are ignored by all right thinking peoples.

Anyway, I think we're repeating arguments in a circle, so I'll stop here :)

iang