On Sep 1, 2018, at 12:10 PM, Rainer Duffner <rainer at ultra-secure.de> wrote: > >> Am 01.09.2018 um 12:51 schrieb Pete Biggs <pete at biggs.org.uk>: >> >> That was until LetsEncrypt comes along - it has the backing of some big >> names and *IS* an effective business model for small and private >> customers. > > What *is* the business model of Let’s Encrypt? They’re a nonprofit, run off of sponsorships and donations: https://letsencrypt.org/about/ https://letsencrypt.org/donate/ https://letsencrypt.org/docs/faq/ https://letsencrypt.org/sponsors/ https://letsencrypt.org/become-a-sponsor/ > Are they going to issue „Pro“ certificates at some point that cost money? That would be incompatible with their 501(c)(3) status. > Running a CA is not expensive per se Indeed. Let’s Encrypt was inevitable: the compute costs of generating certs, running the back-end service, and holding the data were tiny in the 1990s and are even tinier now. Tiny times massive equals large, so at scale there are non-trivial costs, but the old standard of ~$100/yr was rapacious for what we’d now call a domain validation (DV) or light organization validation (OV) cert. > In the beginning, the certificates had a certain level of trust with them that came both from the high prices (deterring drive-by crooks) and the fact that some sort of vetting was made to ensure that nobody could have issued a certificate for a domain they didn’t really control. I had certs in the early days, and even back then, a standard web site cert didn’t involve a whole lot of checking. That’s lead to the DV vs OV vs EV distinction: https://www.ssl.com/article/dv-ov-and-ev-certificates/ If a DV-only cert is sufficient for your purposes, then Let’s Encrypt probably does all you need. The only reason to buy a cert these days is if you want OV or EV, and if it were me, I’d skip OV and go to EV in order to get the extra assurances that the green styling in the browser asserts. For some applications, it’s worth the money. DV-only covers a whole lot of use cases, though, including the one that started this thread. > These days, a certificate just shows that the communication is encrypted. You may be right that there is little practical difference to a random end user between DV and OV, but I believe there is real value in EV. > There’s even talk about deprecating the special handling browsers have for EV-certificates from future versions of Mozilla. Why? I’m aware that it’s possible to generate a fraudulent EV cert, but to deprecate the distinction between EV and DV is to impugn the value of the CA system entirely. There’s plenty of problems in the system, which is one reason why we have the CAB Forum: untrustworthy CAs get run out of business. That leaves transparent TLS proxy middleboxes and such, but that’s just another “Who do you trust?” argument.