
Why Let's Encrypt is a bad idea - jawns
https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801
======
griffinmb
This is a horribly misinformed article, and is incorrect about the most
fundamental arguments it is making. E.g. Among many other issues, it implies
that a compromised CA would allow passive MitM.

~~~
LinuxBender
The article does have some issues, but a compromised CA would certainly make
MitM easier. Not passive, but certainly ssl-strip [1] / ssl-sniff options get
much easier.

Pinning certs (HPKP) is too dangerous so very few people implement it. That
means if I have a signing cert for any trusted CA, I can ssl-strip with ease.
This really has nothing specific to do with Lets Encrypt however. Any trusted
CA signing cert will do. Or even an unlocked server cert (missing constraints)
will do.

[1] -
[https://moxie.org/software/sslstrip/](https://moxie.org/software/sslstrip/)

~~~
griffinmb
Sure, the "passive" was what I was calling out as incorrect. And as you noted,
a compromised trusted CA affects _all_ domains. Which is another thing this
article gets explicitly wrong.

> If DigiCert’s Key Management System is compromised, all of their SSL
> certificates will have to be revoked and re-issued. But if one of the other
> CAs is compromised, it would not affect Medium’s site.

~~~
LinuxBender
Agreed. This is where folks must risk-rank their traffic contents and
determine if HTTPS alone is enough, or if in some cases, encrypted payloads
using other forms of encryption and trust are useful. i.e. gpg, psk, etc...
Secure email is the first thing that comes to mind.

