Bonum Certa Men Certa

Let's Encrypt and Other Certificate Authorities (CAs) Are Not About Security and Privacy

posted by Roy Schestowitz on Sep 04, 2024

"Encrypt" like "crypto" 'coins', i.e. a misnomer or misdirection

Peter Eckersley's homepage

YESTERDAY we said that Peter Eckersley's site being back online was interesting because he's the father of Let's Encrypt and, as Daniel Pocock put it a day earlier: "After securing Peter's domain, I immediately wanted to run certbot from Peter's Let's Encrypt project and obtain a certificate. Should it really be this easy to obtain a certificate for a domain previously owned by somebody else? Make of that what you will."

It should be noted that meanwhile, or yesterday to be precise, Geminispace has divested some more. Even less of Let's Encrypt now (!): 38 capsules left.

2563 (89.6 %) capsules are self-signed, 38 (1.3 %) use the Certificate Authority Let's Encrypt, 258 (9.0 %) are signed by another CA (may be not a trusted one).

Pocock believes it should not be easy to get "certificate for a domain previously owned by somebody else", but maybe that's a misconception because Certificate Authorities (CAs) aren't meant for real security, real authenticity, or real privacy (in practice, CAs worsen privacy because a third party will collect access data even outside one's own country). CAs are just another example of clown bullcrap disguised as sage advice on security - like dropouts who pretend to master security and instead outsource our boot to Microsoft - a company so bad at security that its own government blasts it for it.

Anyway, as a side story about the Pocock adventure, he told me of an urgent situation some days before the site went live again (Peter Eckersley and Pocock have known each other for decades; they're no foes). Pocock thought "shit [had] hit the fan" because of something happening at ISNIC - Internet á Íslandi hf. "It is already 6:15am on 2 September in Melbourne, the anniversary of Peter's death," he said. "I resurrected Peter's domain name and web site in June. I was planning to announce it today. Somebody maliciously put the domain on hold just before the weekend. "This domain is on hold" and "Last change" is 29 August..."

"I received no communication from the host or registry about this."

He later said: "It looks like this may have been an unlucky coincidence. ISNIC apparently tightened their criteria for nameservers without telling anyone. https://pde.is appears to be online again. I'm still going to publish something about it. Nonetheless, given that it was brought back quickly, I want to avoid jumping to conclusions."

Here are his existing blog posts about Peter, who site he has revived. It looks like some time very soon his public talk will be available online. Still waiting for new uploads to progress in this page (ClueCon 2024 uploads started less than a day ago).

FreeSWITCH

Other Recent Techrights' Posts

GNU/Linux Rises to All-Time High in Chile
sharp rise for GNU/Linux in Chile
Why We Still Love Gemini Protocol
Gemini Protocol may seem like something "old" (it's actually very new) and something "nobody would use", but many people use it
 
"Latest Technology News" in BetaNews is LLM Slop Promoting OOXML and Proprietary Software at the Expense of LibreOffice and OpenDocument Format (ODF)
Remember that "open-source" and Open Source aren't the same; the former is fake
Links 09/02/2025: Coffee, Toxic Productivity, and Programming
Links for the day
Debian's Human Rights violations & Swiss women Nazi symbolism
Reprinted with permission from Daniel Pocock
Links 09/02/2025: Software Patents on MP3 and Another Scam Dressed Up as "Crypto"
Links for the day
Links 09/02/2025: Russian Energy Cut Off, LLM Pushers Show Signs of Desperation
Links for the day
Richard Stallman (RMS) Does Not Have Media Companies and Lobbyists on His Side, But His Message Spreads Regardless
The message of RMS is spreading in spite of all the smears
Links 09/02/2025: Hottest January on Record, Panama Blackmailed
Links for the day
Gemini Links 09/02/2025: "Died as a Mineral" and Game Interface for a Non-Game
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, February 08, 2025
IRC logs for Saturday, February 08, 2025
Links 08/02/2025: UK Back Doors and Religious Fundamentalists in Positions of Higher Power
Links for the day
Today's IBM (Red Hat) Isn't the Company That Fought a Microsoft-Sponsored SCO in Court
IBM is nowadays in a state of rapid disintegration
When You Simply Rebrand Almost Everything as "Hey Hi" ("AI"), "Hey Hi Workloads", "Hey Hi Datacentres" and Whatnot
The "growth" has been a growing lie for years if not decades
Microsoft Windows Falls to 12% in Myanmar
Remember that Microsoft is virtually 0% in mobile
This is the Man Who's Attacking Linus Torvalds et al in "a Disease" (Social Control Media)
One thing that Richard M. Stallman and Torvalds can agree on is that Social Control Media should be avoided
Gemini Links 08/02/2025: "Thought Leaders" and Returns to Gemini Protocol
Links for the day
Links 08/02/2025: MElon Coup, Mass Layoffs at Facebook, and PlayStation Network Down
Links for the day
Unlike GAFAM, Free Software Serves You, It Does Not Serve Governments and MElons (Overlapping Forces)
Tired of oligarchy controlling your life through gadgets and "apps"?
On Wars Against Founders
We need to insist that founders remain
When It Comes to Social Control Media, Linus Torvalds is Channeling Techrights
GAFAM workers know exactly who to aim at
New EPO Paper: Promoting (Rewarding) People Who Grant Many Illegal European Patents to Make More Money (at Europeans' Expense) While Patent Courts in the EU Are Themselves Illegal
now the coup is sort of complete and even the "courts" are part of the corruption
Slopwatch: Carnival of LLM Slop and FUD Spewed by Bots, Pasted in by MaKenna Hensley and Day
Welcome to the Web in 2025. Articles about "Linux", "Security", and the Web (e.g. "Firefox") are fake.
Links 08/02/2025: News Corp Admits Traffic Declines, Wildlife Trafficking Tackled
Links for the day
Gemini Links 08/02/2025: Lamp and Notions
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, February 07, 2025
IRC logs for Friday, February 07, 2025