dovecot - Mar 2019 - regarding ssl certificates

On Thu, 14 Mar 2019 12:13:15 +0100
"Guido Goluke, MajorLabel via dovecot" <dovecot at dovecot.org>
wrote:
> Op 14-03-19 om 11:46 schreef mick crane via dovecot:
> > Excuse dopey question.
> > I'm not exactly clear about certificates.
> > Apache2 default install has this snake oil certificate
> > Can make a new one for apache
> > Can make one for dovecot
> > Can make one for ssl
> > Is there supposed to be the one (self signed ) certificate pair in one
> > place for the machine that each process hands out ?
> > Can they be moved to another machine ?
> >
> > mick
> >  
> 
> Apache, dovecot and Postfix can all use the same certificate, you do 
> need to configure each one to the location of the certificate though. 
> SSL is something else: apache, dovecot, postfix are all 
> services/programs. SSL is a protocol/way of encryption. Self-signed 
> means there is no Certificate Authority backing the legitimacy. Getting 
> a Let's Encrypt certificate (I recommend certbot) will get you a 
> legitime certificate, but only for the hostname (e.g. 
> web01.yourdomain.com) you provide it. This must be traceable to your 
> machine through DNS, so moving it to another machine would only work if 
> that machine would completely replace the old machine (domain name) and 
> the DNS is changed to point to your new IP address (or the old machine 
> gets taken out of 'the air' and the new machine gets the old
one's IP
> address).
> 
> Best.
> 
> MajorLabel
Sorry I have to write this, but this is again pointing people in a fake
security direction.
The only valid authority for a certificate is the party using it. Any third
party with unknown participants cannot be a "Certificate Authority" in
its
true sense. This is why you should see "Let's Encrypt" simply as a
cheap way
to fake security. It is a US entity, which means it _must_ hand out all
necessary keys to fake certificates to the US authorities _by law_.
Now probably you can imagine why they are giving the certificates out for
free. US authorities can compromise all of them - without any "open
knowledge".
It would be dead easy to prevent this fake for the guys at mozilla or google
(for the web), but they don't. All that is needed is a trivial DNS-based way
to check self-signed certificates at the corresponding domain, let's say
some
host pointed to by a SRV entry.
If you think DNS (not DNSSEC which has the same immanent problem) can be
compromised too, well, yes, but then the access to hosts in that domain will
be compromised anyway and a certificate will not save you at all. 
</offtopic>

-- 
Regards,
Stephan

On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote:
> Sorry I have to write this, but this is again pointing people in a fake
> security direction.
You should be sorry, because you are wrong.
> The only valid authority for a certificate is the party using it. Any third
> party with unknown participants cannot be a "Certificate
Authority" in its
> true sense. This is why you should see "Let's Encrypt" simply
as a cheap way
> to fake security. It is a US entity, which means it _must_ hand out all
> necessary keys to fake certificates to the US authorities _by law_.
Certificate authorities, including Let's Encrypt, operate on Certificate 
Signing Requests, not Private Keys.  Some CAs do offer private key 
generation in their services for the user's convenience, but it is not 
recommended (obviously) and in no way required.  Getting a CA to sign a 
CSR in no way exposes keys to that CA, and therefore not to any government.

While there are weakness in the CA trust system, they aren't anything 
related to replacing a snakeoil cert with one from Let's Encrypt.

[rest of ignorant rant trimmed]

Phil

On Thu, 14 Mar 2019 09:51:14 -0400
Phil Turmel via dovecot <dovecot at dovecot.org> wrote:
> On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote:
> 
> > Sorry I have to write this, but this is again pointing people in a
fake
> > security direction.  
> 
> You should be sorry, because you are wrong.
> 
> > The only valid authority for a certificate is the party using it. Any
third
> > party with unknown participants cannot be a "Certificate
Authority" in its
> > true sense. This is why you should see "Let's Encrypt"
simply as a cheap
> > way to fake security. It is a US entity, which means it _must_ hand
out all
> > necessary keys to fake certificates to the US authorities _by law_.  
> 
> Certificate authorities, including Let's Encrypt, operate on
Certificate
> Signing Requests, not Private Keys.  Some CAs do offer private key 
> generation in their services for the user's convenience, but it is not 
> recommended (obviously) and in no way required.  Getting a CA to sign a 
> CSR in no way exposes keys to that CA, and therefore not to any government.
> 
> While there are weakness in the CA trust system, they aren't anything 
> related to replacing a snakeoil cert with one from Let's Encrypt.
> 
> [rest of ignorant rant trimmed]
Some facts for you, as obviously you have not understood what a CA is worth
that is compromised by either hackers or "authorities".
If you want to know more, read articles about closing of CA DigiNotar, like:
https://en.wikipedia.org/wiki/DigiNotar

Then read US export laws concerning security devices.
Then judge your US-issued certs...
 
> Phil
-- 
MfG,
Stephan von Krawczynski


------------------------------------------------------
ith Kommunikationstechnik GmbH

Lieferanschrift  : Reiterstrasse 24, D-94447 Plattling
Telefon          : +49 9931 9188 0
Fax              : +49 9931 9188 44
Geschaeftsfuehrer: Stephan von Krawczynski
Registergericht  : Deggendorf HRB 1625
------------------------------------------------------

(Sorry for the broken references, my MUA misplaced the e-mail I'm
*actually* replying to.)

On 03/14/2019 03:08 PM, Stephan von Krawczynski wrote:
> Some facts for you, as obviously you have not understood what a CA is worth
> that is compromised by either hackers or "authorities".
> If you want to know more, read articles about closing of CA DigiNotar,
like:
> https://en.wikipedia.org/wiki/DigiNotar
> 
> Then read US export laws concerning security devices.
> Then judge your US-issued certs...
Out of interest, does(*) or doesn't(**) your scenario include mechanisms
like HPKP?

(*) I'm not aware of any MUAs implementing one, just browsers, and it's
now being phased out by *them* in favor of CT, too.

(**) If not, the question of what CAs issued any *legit* certs for you
has no practical relevance on whether and which other CAs may get hacked
or judicially suborned into creating a working fraudulent one.

(Where "practical" means "you cannot expect the entire, possibly
worldwide, user population to manually strip their clients' list of
accepted CAs down to the one *you* chose".)

Regards,
-- 
Jochen Bern
Systemingenieur

www.binect.de
www.facebook.de/binect

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4278 bytes
Desc: S/MIME Cryptographic Signature
URL:
<https://dovecot.org/pipermail/dovecot/attachments/20190314/57dfc31a/attachment.p7s>

mick crane wrote:
> Apache2 default install has this snake oil certificate
> Can make a new one for apache
I won't go over some of the excellent points in previous posts,
but I will mention SAN as a third type of certificate you can make.
LetsEncrypt supports this type of certificate.

This is halfway between single CN and wildcard certificate where you can
combine many hostnames (up to 1000?) into one certificate.  This may
be useful if you want the convenience of handling fewer certificates,
without having an unbounded wildcard certificate (the latter also requires
control over your DNS).  I use this for SMTPAUTH, POP3, IMAP and webmail
services since they are all on one server.

Then Stephan von Krawczynski wrote:
> Sorry I have to write this, but this is again pointing people in a fake
> security direction.
> The only valid authority for a certificate is the party using it. Any third
> party with unknown participants cannot be a "Certificate
Authority" in its
> true sense. This is why you should see "Let's Encrypt" simply
as a cheap way
> to fake security. It is a US entity, which means it _must_ hand out all
> necessary keys to fake certificates to the US authorities _by law_.
> Now probably you can imagine why they are giving the certificates out for
> free. US authorities can compromise all of them - without any "open
knowledge".
Wow, you packed a lot of fear, uncertainty and doubt (and some
misinformation) into one paragraph.  I'll leave it at that.

Joseph Tam <jtam.home at gmail.com>

Is there some reason to use a mail.domain.com cert for mail rarher than just
using domain.com for everything?

Historically the subdomain were used because they were on different hardware.
That is www was on one machine and mail was on another.





	? Original Message ?



From: dovecot at dovecot.org
Sent: March 14, 2019 3:56 PM
To: dovecot at dovecot.org
Reply-to: jtam.home at gmail.com
Subject: Re: regarding ssl certificates


mick crane wrote:
> Apache2 default install has this snake oil certificate
> Can make a new one for apache
I won't go over some of the excellent points in previous posts,
but I will mention SAN as a third type of certificate you can make.
LetsEncrypt supports this type of certificate.

This is halfway between single CN and wildcard certificate where you can
combine many hostnames (up to 1000?) into one certificate.? This may
be useful if you want the convenience of handling fewer certificates,
without having an unbounded wildcard certificate (the latter also requires
control over your DNS).? I use this for SMTPAUTH, POP3, IMAP and webmail
services since they are all on one server.

Then Stephan von Krawczynski wrote:
> Sorry I have to write this, but this is again pointing people in a fake
> security direction.
> The only valid authority for a certificate is the party using it. Any third
> party with unknown participants cannot be a "Certificate
Authority" in its
> true sense. This is why you should see "Let's Encrypt" simply
as a cheap way
> to fake security. It is a US entity, which means it _must_ hand out all
> necessary keys to fake certificates to the US authorities _by law_.
> Now probably you can imagine why they are giving the certificates out for
> free. US authorities can compromise all of them - without any "open
knowledge".
Wow, you packed a lot of fear, uncertainty and doubt (and some
misinformation) into one paragraph.? I'll leave it at that.

Joseph Tam <jtam.home at gmail.com>