
Domain-validated SSL will soon be free from the large CAs - nailer
https://certsimple.com/blog/domain-validated-ssl-will-be-free
======
sarciszewski
Dammit.

No, I mean, this is great news, but I thought I could create value by listing
the CAs that provide free SSL on this page: [https://paragonie.com/white-paper/2015-secure-php-data-encry...](https://paragonie.com/white-paper/2015-secure-php-data-encryption)

And soon I won't be. Dammit. And the worst part is, I can't even be angry
about that, because it's subverted by a significant security gain.

~~~
mootothemax
>And soon I won't be.

You could pivot to in-depth reviews of the various providers.

I'm sure some providers will be a pain in the backside, some will be great,
others somewhere in the middle, and all will have various differing support
options, up-sell discounts to "premium" certs and so on and so forth.

~~~
sarciszewski
That sounds like a great idea for a follow-up page (or alternatively, a great
way to get sued for libel).

~~~
mootothemax
>a great way to get sued for libel

I'm pretty sure you're saying that with tongue firmly in cheek.

Just in case, though, even in the UK you're covered by fair comment:

[https://en.wikipedia.org/wiki/Fair_comment](https://en.wikipedia.org/wiki/Fair_comment)

~~~
sarciszewski
And if I were to ever be brought into court, I would very likely lose more in
legal fees than I make in a year, even if I win.

(I'm in America, where going to court and hoping not to end up destitute
afterwards means you already lost.)

~~~
codazoda
On the phone I once said, "In my opinion he is dishonest". I was sued in US
District Court. In total it cost me $3,000 and I got off easy.

My attorney thought I might win the case but a single day of court would cost
$6,000 at the time. I settled.

~~~
sarciszewski
Yeah, I don't have $3,000 to burn, otherwise I would have a mode of
transportation that doesn't consist of:

- walking
- asking a friend to drive me somewhere

------
michaelbuckbee
There's a shift happening in the browser space as well to "downgrade" the UI
for DV certs, much less green locks and bars and more gray and no red security
warnings.

We're entering a world where every site has a DV cert (most likely for free
with registering a domain) but that all of the things for which we now
consider "needing SSL" will require an EV cert.

~~~
mikeash
As long as browsers don't start popping up scary warnings about submitting
forms to a site that only has DV certs, I think it'll be fine.

~~~
nandhp
And hopefully soon they can pop up scary warnings for unencrypted sites.

------
colinbartlett
And yet Heroku still charges $20 per month on top of their usual fees just to
host your certificate. This is why I've moved so many simple static sites to
Digital Ocean droplets.

------
joshfraser
About time! It's insane that CAs have gotten away with charging extortionate
amounts of money for a couple paragraphs of text that cost ~nothing to
generate for so long.

------
Perceptes
If this is true, it's far better news than Let's Encrypt ever was. I tried the
Let's Encrypt beta and was extremely disappointed that getting a certificate
isn't possible with DNS records—you have to do the challenge response by
serving a page from the live server. This is a non-starter for many use cases.
If every CA is going to be offering certs free soon, at least one of them is
bound to have a real API that's not encumbered by terrible tooling.

~~~
pfg
DNS-based challenges are coming, hopefully soon after the launch date[1].

[1]: [https://community.letsencrypt.org/t/shouldnt-verification-vi...](https://community.letsencrypt.org/t/shouldnt-verification-via-dns-record-be-a-priority/604/15?u=pfg)

------
daigoba66
That's great. Soon enough there won't be any excuse to not offer HTTPS.

~~~
favadi
I think there is already no excuse to not use HTTPS at this moment, no?

~~~
peterwwillis
Some excuses:

- It's somewhat complicated for a site to implement correctly
- It mainly protects users who have already connected to a site once
  from a secure location and whose browsers support HSTS and other "fixes"
- Circumvented easily via phishing
- Does not prevent nation states from MITMing connections
- Can only host one site per IP, without a wild-card or UCC cert
  (which not all clients support)
- Makes caching difficult to impossible
- Adds performance overhead
- Potential for new attacks on the TLS layer
  (SSL Strip, STARTTLS Command Injection, BEAST, POODLE, RC4, CRIME,
  TIME, BREACH, Truncation, FREAK, Logjam, Heartbleed, BERserk,
  Root cert forgery, ChangeCipherSpec injection, Protocol downgrade,
  Certificate errors, Renegotiation, Triple Handshake,
  Virtual Host confusion, DoS)
- General confusion by users as to what makes a connection secure

~~~
mhurron
> Can only host one site per IP

[https://en.wikipedia.org/wiki/Server_Name_Indication](https://en.wikipedia.org/wiki/Server_Name_Indication)

The rest of the excuses are basically 'it's not 100% perfect some of the time
so why bother any of the time.'

~~~
peterwwillis
Someone asked why somebody might not use HTTPS and I'm just saying what their
excuses are. This isn't even a list of _reasons_ why people cannot support
HTTPS, which includes public agency policies, legacy support requirements,
funding limitations and lack of resources.

~~~
mhurron
I'm not saying that you were putting them forward as valid, I'm saying that
list should be ignored.

------
mtgx
What about support for Certificate Transparency? Can we get that, too?
Otherwise, Mozilla/EFF's CA is probably more trustworthy.

------
mholt
And I don't know if this is much of a teaser:
[https://twitter.com/Namecheap/status/667348562980810752](https://twitter.com/Namecheap/status/667348562980810752)

That could mean a few things, but either way, things are looking good for site
owners.

~~~
huskyr
Gives a 404. Care to say what was there?

~~~
mholt
Oops, they deleted it. It was a post from Namecheap answering somebody asking
if they were going to support Let's Encrypt.

Original question:
[https://twitter.com/matbacon89/status/667348413470650370](https://twitter.com/matbacon89/status/667348413470650370)

Person's response:
[https://twitter.com/matbacon89/status/667348648741744640](https://twitter.com/matbacon89/status/667348648741744640)

In between, they _did_ say something like "You'll have to wait and see! :)"

I wonder if they deleted it in light of this blog post, which I find
disingenuous: [https://blog.namecheap.com/ssl-from-namecheap-whats-the-diff...](https://blog.namecheap.com/ssl-from-namecheap-whats-the-difference/)

~~~
tamar
Hey - so I tweeted that...and to be very clear, nothing in that tweet should
have been implied as a yes. But since it was potentially construed as a yes,
it was deleted to avoid confusion.

~~~
eeZi
In the blog post, you point out that you perform additional validation for
your OV certificates while the free CAs do not. But since they are equally
trusted by the browsers, how does that increase security for me?

On the other key differences:

- Shorter lifetimes is actually an advantage, since it reduces the risk when
your keys are compromised. Revocation is a mess, the only way you can be
_sure_ that a certificate can no longer be used is when it's expired.

- No wildcards is an advantage too, since you can give each service its own
certificate and if one is compromised, the others are fine. If you're using an
organization-wide wildcard cert, a compromise is much worse.

- Limited flexibility - "you must have root access to your servers" is
factually incorrect, the automated Let's Encrypt client is optional and you
can request a certificate manually.

- Limited support - why would I need an SLA for a certificate, anyway? The
OCSP servers?

- Management difficulties - while this is true now, the automation enabled by
Let's Encrypt is likely to facilitate management, not the contrary. I'm
currently working on a Puppet module which will automatically provision
certificates for web servers, something which used to be much harder.

- Build Trust with Purchased SSL - how do I increase trust by using an OV
certificate? It's not like an average website user would look up the
certificate details, and there's no functional difference between an OV and a
DV certificate.

> The levels of encryption, validation, and trust that business and commerce
> websites require are available only with purchased SSL.

Unless you're talking about EV certificates, I don't see how. There's no
"level of encryption" which isn't available with a free CA, and the additional
validation and trust do not matter unless it's an EV certificate. Even an EV
certificate does not protect against MitM. The real answer is key pinning.

As a Namecheap customer, I'm disappointed by this blog post. It reads like an
attempt to spread FUD about free DV certificates. I initially became a
customer because I read good things about your business ethics, but this makes
me question my choice.

~~~
vangale
As a Namecheap customer I was very very disappointed with this post when I
read it yesterday. Also, it looks like they deleted a comment on their post
from someone else who was disappointed and called them out on their FUD.

~~~
zackboe
They've further edited the post to remove a lot of the misleading content, but
not all.

~~~
eeZi
Much better, but they're still arguing that somehow, non-EV certificates with
identity validation are more valuable than DV certificates because users are
going to look up the certificate details.

> We think that validation of a certificate’s owner is an important point that
> needs to be highlighted and discussed. Recent developments in SSL automation
> are fantastic from a technical point of view, however, consumers need to be
> educated on this new security paradigm and the appropriate signals to look
> for when making a security determination. Looking for ‘https’ and a lock in
> the browser bar, the traditional indicators that have been messaged as
> reliable, may not be so reliable anymore when it comes to the consumer
> definition of security.

This is laughable. It's been hard enough to get users to check for the
presence of a security indicator _at all_. Most don't even know the difference
between DV and EV, and EV certificates do have a strong visual indicator. OV
certificates don't have any, except

Hell, _I_ might not realize in time that my online banking session only has a
DV certificate today instead of EV and I'm a professional.

Sure, I sometimes check which CA a particular site is using, out of curiosity.
But no normal user is ever going to do that on a regular basis.

> Additionally, any time we receive a report of abusive activity and/or fraud
> involving a certificate, Namecheap works with CA’s to investigate the
> reported sites, and CA’s often take quick action to revoke site certificates
> as a result. This third-party revocation capability is important; it
> provides an additional layer of post-issuance protection.

Soo... How does that protect me as a Namecheap customer? Buying from Namecheap
doesn't mean that an attacker couldn't request a Let's Encrypt certificate
anyway, unless you use cert pinning and you can do that with free
certificates. There are some enterprise use cases where you'd just pin the CA
instead of single certs, but those only matter at scale.

Namecheap is right about OV certificates being more trustworthy than DV ones,
but the thing is - it doesn't really matter.

> Additionally, given recent developments, we strongly believe that additional
> education is required on the correct signals for consumers to use when
> making a security determination; browsers must necessarily shoulder some of
> this responsibility,

Like.... EV certificates? C'mon, browser vendors aren't going to add _another_
security indicator just to protect your revenue.

~~~
zackboe
Yeah, their points are all pretty shaky. I've been a fan of Namecheap for
awhile because of their past support for a better internet, but it's extremely
disappointing to see this post from them.

I guess I didn't expect them to put their profits over what's best for the
web.

------
blfr
_StartCom have given out free DV SSL for years - officially only for
non-profits, but in practice for anyone who asked_

They would refuse to renew certificates every now and then if they deemed your
use commercial though.

------
edent
I wonder whether spammers and phishers will make use of that? We often tell
people to look for the lock symbol or "https" - those will no longer be
(weak) signifiers of trust.

~~~
toddn
Probably. Let's Encrypt has a pretty good response to that:
[https://letsencrypt.org/2015/10/29/phishing-and-malware.html](https://letsencrypt.org/2015/10/29/phishing-and-malware.html)

------
dcrosta
Does anyone know who the two CAs this post mentions are?

~~~
nailer
Yes, I do. :^)

------
sliverstorm
And here I just renewed my DV cert for three years.

------
ck2
non-wildcards will be free

Prepare for wildcards to cost a fortune to compensate.

~~~
Karunamon
Let 'em. With something like Let's Encrypt that uses an API to sign domains on
the fly, I'm having a hard time thinking of a use case that would be
appropriate for wildcards but not appropriate for this.

WC certs are already a ripoff anyways.

~~~
Narkov
> I'm having a hard time thinking of a use case that would be appropriate for
> wildcards but not appropriate for this.

Serving multiple sub-domains from the one IP whilst still supporting clients
without SNI.

------
mikeash
Not quite on topic, but what the heck is with the bar graph at the bottom of
the page?

[https://certsimple.com/images/blog/compare.svg](https://certsimple.com/images/blog/compare.svg)

The vertical axis isn't labeled and I can't tell what the bars are supposed to
represent from the context? Is the vertical axis pain? Cost? Customer base?

~~~
nailer
Thanks for the feedback Mike! It's speed. I've reverted the text back to the
previous copy which was more specific.

Further info: ask anyone you know who's got an EV cert from a traditional
provider: it's a slow, painful process. CAs typically quote 7-10 days. I
waited a month for GoDaddy earlier this year, and many others have too.

CertSimple starts checking your details while you fill in the form, and flags
a wide variety of issues _before you pay us_. Our average validation time is 5
hours.

During validation, we provide very, very specific instructions based on a
number of aspects of your order and your company. People with .io domains and
Swedes really like us. As do people in many other situations where the EV
process typically slows down.

We update in realtime during the validation, and the certs download
automatically.

We're about to replace the graph with the wall of Twitter customers from our
front page, so let me know what you think of that!

~~~
sureshv
Maybe someone listened but it recently took 2 days to get an EV cert from
Comodo via Namecheap. Some of that was probably due to having a registered
company with a DNB Number - YMMV.

~~~
nailer
It recently took 10 minutes to get an EV cert from CertSimple:
[https://twitter.com/webster/status/667022550594113536](https://twitter.com/webster/status/667022550594113536)

Our average validation time is five hours.

Nobody else has our tech or does anything close. When they catch up to what
we're doing now we'll be another year ahead.

~~~
RyanZAG
Is there really much demand for that? If you want an EV cert you're going to
be a big business with a lot of employees just to handle that kind of stuff. 2
days really isn't that long - getting internal signoff on the idea of using an
EV cert probably takes longer than 2 days.

~~~
mikeash
That seems kind of self-fulfilling. If the process is slow and bureaucratic
then naturally only slow, bureaucratic organizations will get them. But maybe
demand for EV certs would be greater if the process was more streamlined.

------
Animats
But to what agencies will they disclose the private keys?

We need a SSL system where there's both a CA-signed key and a self-generated
and self-signed key. That would prevent both forged sites and CA-assisted
snooping. CA-signed alone is vulnerable to Government wiretapping. Self-signed
alone is vulnerable to site spoofing. Both together would provide some real
security.

~~~
throwaway2048
You can achieve the exact equivalent of this today with HPKP and HSTS.

CAs never see your private key, they are incapable of giving it to the NSA.

~~~
Animats
My bad. Thanks.

------
rakoo
This is all good and well, but if we take a step back it pretty much means
that anybody can get a DV certificate without any verification, which means
CAs are useless, which means that DV certificate offer no more guarantees
about anything than self-signed certificates.

Which is an excellent thing: maybe we'll finally be able to just use
self-signed certificates? And ask CAs for something where they _actually_ can
provide value, i.e. EV certificates, for as long as we're okay to stay with this
model?

This should be a call to browser vendors: when this is more widespread, accept
self-signed certificates as if they were DV certificates!

~~~
Nullabillity
DV certificates do provide a service that self-signed certificates don't,
though: they verify that the server controls x.com according to the public DNS
system, not just according to the user's ISP/DNS server.

~~~
avian
Strictly speaking, they verify that the server controls x.com according to the
CA's ISP/DNS server/any other parties in the middle instead of the user's
ISP/DNS server/any other parties in the middle.
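The two points made above about how DV validation actually works (Perceptes and pfg on proving control by serving a page from the live server versus publishing a DNS record, and Nullabillity and avian on what the CA's check really establishes: control of the name as seen from the CA's vantage point) can be made concrete with a small simulation. The following is an added example, not code from the thread, from Let's Encrypt or from CertSimple. It follows the key-authorization construction later standardised in RFC 8555 (token joined to the RFC 7638 thumbprint of the account key for HTTP-01, and the SHA-256 of that string for DNS-01); the JWKs, the token and the "published" web root and DNS zone are constructed sample data, and the CA's HTTP fetch and DNS lookup are simulated by plain functions so that it runs offline.

```python
"""Simulated ACME-style domain validation: HTTP-01 and DNS-01 challenges.

Added example. The account keys (SAMPLE_JWK, OTHER_JWK), the domain, the
token and the published records are all constructed; no network is used.
"""
import base64
import hashlib
import json
import secrets


def b64url(data: bytes) -> str:
    """Base64url without '=' padding, the encoding ACME uses throughout."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> bytes:
    """RFC 7638 thumbprint: SHA-256 over the required members only, keys sorted, no whitespace."""
    required = {"RSA": ("e", "kty", "n"), "EC": ("crv", "kty", "x", "y")}[jwk["kty"]]
    canonical = json.dumps({k: jwk[k] for k in required}, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("ascii")).digest()


def key_authorization(token: str, account_jwk: dict) -> str:
    """'<token>.<thumbprint>': binds the CA's random token to the account key that asked for it,
    so a value copied from one applicant cannot satisfy a challenge issued to another."""
    return f"{token}.{b64url(jwk_thumbprint(account_jwk))}"


def http01_record(token: str, account_jwk: dict):
    """What the applicant must serve over plain HTTP: (path, body)."""
    return f"/.well-known/acme-challenge/{token}", key_authorization(token, account_jwk)


def dns01_record(domain: str, token: str, account_jwk: dict):
    """What the applicant must publish in DNS: (TXT owner name, TXT value)."""
    digest = hashlib.sha256(key_authorization(token, account_jwk).encode("ascii")).digest()
    return f"_acme-challenge.{domain}", b64url(digest)


def validate_http01(fetch, domain: str, token: str, account_jwk: dict) -> bool:
    """CA side: fetch the challenge URL from the live host and compare with the expected body."""
    path, expected = http01_record(token, account_jwk)
    body = fetch(domain, path)
    return body is not None and body.strip() == expected


def validate_dns01(resolve_txt, domain: str, token: str, account_jwk: dict) -> bool:
    """CA side: look up the TXT record and require the expected value to be present."""
    name, expected = dns01_record(domain, token, account_jwk)
    return expected in (resolve_txt(name) or [])


# Constructed account keys (not real EC points; only the thumbprint matters here).
SAMPLE_JWK = {"kty": "EC", "crv": "P-256", "x": b64url(b"\x01" * 32), "y": b64url(b"\x02" * 32)}
OTHER_JWK = {"kty": "EC", "crv": "P-256", "x": b64url(b"\x03" * 32), "y": b64url(b"\x04" * 32)}


def demo(domain: str = "example.test") -> dict:
    """Run one validation round against a simulated web root and DNS zone."""
    token = b64url(secrets.token_bytes(32))  # CA-chosen, unpredictable per challenge

    # The applicant publishes the records it controls (simulated hosting).
    path, body = http01_record(token, SAMPLE_JWK)
    webroot = {path: body}
    name, value = dns01_record(domain, token, SAMPLE_JWK)
    zone = {name: [value]}

    # The CA's view of the world: what it can fetch and resolve for that name.
    def fetch(host, p):
        return webroot.get(p) if host == domain else None

    def resolve_txt(n):
        return zone.get(n)

    def fetch_nothing(host, p):  # a party that does not control the host answers nothing
        return None

    return {
        "http01": validate_http01(fetch, domain, token, SAMPLE_JWK),
        "dns01": validate_dns01(resolve_txt, domain, token, SAMPLE_JWK),
        # no content at the challenge path: the CA refuses to issue
        "http01_not_hosted": validate_http01(fetch_nothing, domain, token, SAMPLE_JWK),
        # the right token served under the wrong account key: also refused
        "wrong_account": validate_http01(fetch, domain, token, OTHER_JWK),
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check:18s} {'issue' if ok else 'refuse'}")
```

Two things the simulation makes visible that the thread only states: the CA never learns anything about the applicant's TLS private key (only an account key thumbprint and a token pass through the challenge), and whatever answers `fetch` or `resolve_txt` from the CA's network position is what gets validated, which is exactly avian's point about "the CA's ISP/DNS server/any other parties in the middle". Querying from several vantage points and over DNSSEC-validated resolvers is how a CA narrows that window; this toy uses a single lookup.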

------
jgrahamc
It already is free. Just use CloudFlare.

~~~
k33l0r
I tried using CloudFlare for my site, but they (or their CA partner) wouldn't
issue a certificate for my domain (piranhas.co) because it contains the
substring “iran”. Seriously[0].

[0]: [https://twitter.com/matiaskorhonen/status/561063104596172800](https://twitter.com/matiaskorhonen/status/561063104596172800)

~~~
derekp7
So 20 years later we are still stuck with this:
[https://en.wikipedia.org/wiki/Scunthorpe_problem](https://en.wikipedia.org/wiki/Scunthorpe_problem)?

~~~
mikeash
It's always going to be around in some form, it's a clbuttic problem.

------
sqldba
Let's Encrypt is a bit of a joke though. You have to renew every 3 months.
Anyone who has used these certs knows what a huge pain in the arse it is to do
even once a year.

"Oh but we'll work out some way to semi-automate it". Ok, where is it for
those of us on cheap cpanel providers who barely know what we're doing? I
thought this service was for us?

~~~
pilif
> we'll work out some way to semi-automate it

No. It will be automated completely. You set stuff up once and the certificate
will be kept up to date.

> Ok, where is it for those of us on cheap cpanel providers who barely know
> what we're doing

Let's Encrypt support will be added into cpanel or even into the web servers
powering cpanel. All you'll have to do is check a checkbox or set a
configuration file entry in the style of `enable_letsencrypt=yes` and you're
done.

You won't have to care when the certificate expires. At that point 3 months
starts to become interesting because expiration provides a nice hard cutoff
date for revocation which works independently of OCSP and CRL availability.

