
Let's Encrypt has been enabling bad behavior quite a bit lately. Here Matrix says they will no longer accept federation from peers that self-sign their certs. Why? Because Let's Encrypt exists. That's the entire argument. They do not address the problems of centralization this creates.

No, the argument is that Let's Encrypt is doing a better job at trustworthiness than our previous attempt at using Perspectives to vouch for self-signed certificates, and so at least self-signed folk can have a fairly seamless upgrade to LE if they want.

However, if you want better trust, you can always use a CA you trust more than Let's Encrypt (including a private one, if you're on a private federation, of course).

Could you please point me in the direction of someplace where this problem is better explained? I'm struggling to understand how the certificate choice of the peer X should be a problem, given you send them only the information directly related to the peer X, so it seems like you shouldn't care if the traffic between you two is encrypted using X's key or a MitM's key, because it's only their part of the network that potentially gets compromised. If so, it should be the choice of every given node if they trust that part of the network they are connecting to and, conclusively, if they want to accept a certificate they see for the first time, no matter if it's signed by any common CA or not.

https://github.com/matrix-org/synapse/blob/master/docs/MSC17... is the best explanation. You can’t just make it a per-node decision otherwise everything would splitbrain.
