does SSL even protect users now that most of the CAs are also hosting or reverse proxy companies

@staticsafe @ben I guess the question is what good SSL does when Cloudflare sits between you and my web server. The answer is that it still protects against everybody else.

@ben yeah i think so

at least if you get your certs from let's encrypt, which ensures that you can only get a cert for a domain that you actually control

idk what policy the other cas have

@00dani but let's say you get a different dynamic IP address or something and someone else manages to get yours

you own the domain, but have no control over the server that now has an entirely valid TLS certificate

@ben wait why would reallocating your ip address mean someone else gets control of your server?

i'm not following this scenario

@00dani let's say you didn't update the A records on your domain name

@ben @00dani So if you make a significant mistake, you expose users to a significant risk? Sounds reasonably easy to avoid, especially with a decent config of ddclient.

@violet @00dani alright, let's move from incompetence to malice

what if your ISP wants to spoof your site

@ben @00dani I suspect that's when you get lawyers and potentially even law enforcement in.

Hierarchies of trust have their issues, but at that level of antagonism at such a high level, I'm legitimately not sure what you could do for any system.

Saying SSL isn't secure for that is like saying that your car isn't secure when the police stole your keys.

@violet @00dani

SSL is secure if CAs are secure

CAs aren't secure

And law enforcement is exactly who I'm afraid of abusing this.

@ben @00dani Ah, alright, but can CAs issue certs for other CAs? If so, then that's an architectural issue, otherwise it's again, a matter of trust, and it seems that the right option in that case is to find a CA that isn't required to cooperate with your brand of law enforcement.

@violet @00dani any CA can issue a certificate for any domain name unless their root certificate specifically restricts them

there's the CAA DNS property, but that's voluntary and a malicious actor could simply ignore it as there's no enforcement mechanism

@ben @violet couldn't a client reject certs issued from the wrong ca if the caa record doesn't match?

@00dani @violet sure, but if we're going down the road of browsers doing DNS lookups, why not just make DNS authoritative and store the expected public key there, preferably also secured with dnssec

dnssec also has many of the same issues as ssl certificates, but at least it's a bit more distributed with each TLD controlling their own non-shared key

@ben @violet well yeah, let's do that. authoritative dns information signed with dnssec is excellent :blobcat:

@ben oh so your domain is pointing at the old ip, which now equals someone else's server


i mean, that's technically correct behaviour? you've controlled the domain to say "hey this is what the domain resolves to" and then a cert can be acquired by the server that the domain resolves to

and it's entirely avoidable by updating your a records like you're supposed to ofc

Sign in to participate in the conversation
Ben Lubar's Mastodon Instance

This server and all of its members live in the same basement.