Is no crypto always better than bad crypto (Part 2)?
Over 9 years ago, I posted Part 1 of this post, lamenting how removing older encryption algorithms and other features from SSL was a disservice to end users. After all, I’m not going to replace all of my light bulbs just because they’re no longer supported by the most recent web browsers. And it isn’t the browser maker’s fault – there’s a mysterious (to the vast majority of Internet users who want things to Just Work) cabal that sets these rules, and holds the threat of banishment over any company / organization that does not comply with their arbitrary and capricious rules, which they seem to be making up whenever they feel like it.
The cabal’s latest idiocy is that the lifetime of SSL certificates (which used to be three years and was cut back to one year some time ago) needs to be shortened further, with the eventual goal being to reduce the maximum certificate lifetime to 47 days in 2029.
Per DigiCert, the timetable is:
- From today until March 15, 2026, the maximum lifetime for a TLS certificate is 398 days.
- As of March 15, 2026, the maximum lifetime for a TLS certificate will be 200 days.
- As of March 15, 2027, the maximum lifetime for a TLS certificate will be 100 days.
- As of March 15, 2029, the maximum lifetime for a TLS certificate will be 47 days.
The justification for this is apparently that a purloined or mis-issued certificate will have a shorter lifetime, limiting the amount of damage that could be caused.
I feel there are 2 pieces to this (which I touched on in my previous post):
- I care about Bad Guys impersonating my bank.
- I don’t care about Bad Guys turning my light bulbs on and off, particularly since they’re on a private network not accessible from outside my house.
And I REALLY don’t want to have to write scripts to automate the uploading of new certificates to my light bulbs, water heater, air conditioners, etc. – once a year was about the maximum annoyance level I could tolerate for doing this manually.
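To make the timetable above concrete for a set of devices like these, here is an added example (not code from the original post) that audits certificate validity windows against the caps and counts the minimum number of issuances needed per year. The host names and dates are constructed, and it assumes the applicable cap is chosen by each certificate's issuance (notBefore) date.

```python
from datetime import date, datetime
from math import ceil

# Timetable from the list above: (effective date, max lifetime in days).
# Assumption: the cap that applies is chosen by the certificate's issuance date.
SCHEDULE = [
    (date(2029, 3, 15), 47),
    (date(2027, 3, 15), 100),
    (date(2026, 3, 15), 200),
]
DEFAULT_MAX_DAYS = 398  # cap before March 15, 2026


def max_lifetime_days(issued: date) -> int:
    """Return the maximum lifetime allowed for a certificate issued on `issued`."""
    for effective, days in SCHEDULE:  # newest rule first
        if issued >= effective:
            return days
    return DEFAULT_MAX_DAYS


def audit(inventory):
    """Yield (name, lifetime_days, cap_days, compliant) for each certificate."""
    for name, not_before, not_after in inventory:
        nb = datetime.fromisoformat(not_before)
        na = datetime.fromisoformat(not_after)
        lifetime = ceil((na - nb).total_seconds() / 86400)  # partial days round up
        cap = max_lifetime_days(nb.date())
        yield name, lifetime, cap, lifetime <= cap


def renewals_per_year(cap_days: int) -> int:
    """Minimum number of issuances needed to stay covered for 365 days."""
    return ceil(365 / cap_days)


# Constructed inventory: (hypothetical host name, notBefore, notAfter).
INVENTORY = [
    ("bulb-kitchen.lan", "2025-06-01T00:00:00", "2026-07-04T00:00:00"),
    ("waterheater.lan", "2026-03-15T00:00:00", "2027-03-15T00:00:00"),
    ("ac-upstairs.lan", "2027-04-01T00:00:00", "2027-07-10T00:00:00"),
    ("nas.lan", "2029-03-15T00:00:00", "2029-05-01T00:00:00"),
]

if __name__ == "__main__":
    for name, lifetime, cap, ok in audit(INVENTORY):
        print(f"{name:18} {lifetime:4d} days (cap {cap:3d}) {'ok' if ok else 'TOO LONG'}")
    for cap in (398, 200, 100, 47):
        print(f"cap {cap:3d} days -> at least {renewals_per_year(cap)} issuance(s) per year")
```

A one-year certificate issued on the first day of the 200-day rule is flagged, and the per-device workload goes from one issuance a year to at least eight once the 47-day cap applies.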
And in some respects, 47 days is too long – if BiggyBank.com gets their certificate stolen or a bogus certificate for BiggyBank.com issued to someone else, a lot of money is going to get vacuumed out of the bank in those 47 days. It seems that some new method of authenticating the site to users and users to sites like BiggyBank is needed. Preferably one that doesn’t involve multi-factor biometric-based authentication or some other show of security that doesn’t actually provide any security*.
If I were a company in the business of selling SSL certificates for non-critical uses (like my light bulbs), I’d be up in arms about this – after all, if a user can get a free Let’s Encrypt SSL certificate that lasts just as long as the commercial certificate I’m selling, what incentive do most customers (other than places like BiggyBank.com) have to pay me for a certificate they can get for free, particularly when a robust ecosystem of installing Let’s Encrypt certificates on just about every type of device has already evolved?
* Such as when I am signing up for some service on my phone, and they ask me for my phone number so they can text me a code (to the phone number I just gave them) to “prove” that I’m me.