The Trouble with Let’s Encrypt

by | Hosting Security

Lets Encrypt Free SSL

Lets Encrypt Free SSL

SSL certificates all perform the same task, but they aren’t all equal in quality. Let’s Encrypt issues certificates that are free of cost and easy to install, with the aim of making secure Web connections as universal as possible. The downside of this approach is that its certificates don’t offer much confidence in their authenticity. At OrangeWebsite, we’ve decided not to accept them on our shared hosting, though you can use them on a VPS or dedicated server. We’d like to let you know our reasons.

Not all SSL certificates are the same

Having an SSL certificate provides an encrypted connection between a browser and a Web server. The protocol family that supports this is widely known as SSL, but current versions are more properly called TLS. Connecting by TLS guarantees that the server belongs to the owner of the certificate. A certificate authority (CA) digitally signs the certificate, indicating it has confirmed its authenticity.

Anyone can create a self-signed certificate. It will enable encrypted connections, but without a CA’s signature, there’s no guarantee that the site owner is who it claims it is. Browsers warn users against trusting self-signed certificates.

Let’s Encrypt acts as a “free, automated, and open certificate authority.” It allows anyone to set up a secure website at no cost and with little effort. This is good, but prominent figures in the tech industry have expressed serious concerns about its certificates.

The process for setting up a certificate is simple. A couple of commands on a Linux server will do the whole job. The problem is with the level of authentication provided. The only validation is that the applicant for the certificate controls the domain it’s issued to. If you’re getting a certificate for example.com, you have to register it from example.com. There’s no checking who you are. This type is known as a “domain validated” certificate. Let’s Encrypt isn’t the only CA to issue domain validated certificates, but it’s the only one that doesn’t charge anything for them.

Certificates and trust

Just having an SSL certificate, especially one that’s only domain validated, doesn’t make a site trustworthy. It could be a near-lookalike for a well-known domain (e.g., micros0ft.com). Let’s Encrypt has reportedly issued over 14,000 certificates to domains that impersonate PayPal.

Some domains allow users control of subdomains (e.g., mydomain.example.com). They can obtain certificates for their subdomains. This can give the impression of approval by a well-known site. The subdomain may redirect to a different domain, on an independent server which the primary domain has no control over.

The most trustworthy SSL certificates are EV certificates. EV stands for “extended validation” and signifies that the CA has met certain standards for checking the applicant’s identity. It has checked and confirmed that the applying organization legally exists and is who it claims to be. Browsers generally indicate an EV certificate with a green symbol, such as a padlock.

Unfortunately, most people don’t recognize the nuances. If they see a padlock, they’re likely to assume the site is trustworthy. Since Let’s Encrypt doesn’t even require a payment method, its bar to registering a certificate is very low. It plans to check the Google Safe Browsing API for known phishing or malware sites, but that’s about the extent of its checking. There have been confirmed reports of malvertisers using its certificates. When certificates are free, it’s easy to set them up with throwaway domains.

We hope that in time, Internet users will better understand the difference between a secure site and a legitimate one. When the large majority of sites display a padlock in the address bar, browsers will need to make a clearer distinction among the levels of validation. Eventually they may warn users about sites whose certificates are only domain validated. If a browser did that today, though, it would have to issue a constant stream of warnings.

For the present, it’s a good habit to click on the padlock symbol of a secure site if there’s any doubt about it. The browser should give information about the site’s level of validation and its owner of record. Some browsers, though, will say nothing more than “This site is secure.”

Openness and trust

Let’s Encrypt has explained its policy. It argues that a CA is in a poor position to police a site’s content. It’s difficult to determine if a site is clean, and harder to check if it stays clean. The primary aim of the project is to make as much of the Web as possible use TLS. That will inevitably include rogue websites. These sites exist anyway; the only difference is that some people may trust them more when they see the padlock symbol.

Any issuer of domain validated certificates faces this risk, and even the EV level isn’t completely safe against malicious sites. A signed certificate isn’t and can’t be proof of trustworthiness. Let’s Encrypt doesn’t want to take on the role of a censor, and we appreciate that. At the same time, we don’t want to give dishonest websites the appearance of legitimacy if we can avoid it.

We offer several options for purchasing SSL certificates. The lowest priced ones are domain validated, but the annual fee will discourage acquiring certificates for throwaway domains. For a better level of validation, we offer the Comodo InstantSSL certificate with business-level validation. The best validation comes with our Comodo EV certificates, either for a single domain or for multiple domains sharing the same IP address.

Balancing trust and openness can require some difficult tradeoffs. One of our chief goals is to enable free expression, but we don’t want to be a magnet for deceptive and dangerous sites. We hope you understand the reasons for our choice. Feel free to contact us with any questions.