On Thu, 14 Mar 2019 09:51:14 -0400 Phil Turmel via dovecot <dovecot at dovecot.org> wrote:> On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote: > > > Sorry I have to write this, but this is again pointing people in a fake > > security direction. > > You should be sorry, because you are wrong. > > > The only valid authority for a certificate is the party using it. Any third > > party with unknown participants cannot be a "Certificate Authority" in its > > true sense. This is why you should see "Let's Encrypt" simply as a cheap > > way to fake security. It is a US entity, which means it _must_ hand out all > > necessary keys to fake certificates to the US authorities _by law_. > > Certificate authorities, including Let's Encrypt, operate on Certificate > Signing Requests, not Private Keys. Some CAs do offer private key > generation in their services for the user's convenience, but it is not > recommended (obviously) and in no way required. Getting a CA to sign a > CSR in no way exposes keys to that CA, and therefore not to any government. > > While there are weakness in the CA trust system, they aren't anything > related to replacing a snakeoil cert with one from Let's Encrypt. > > [rest of ignorant rant trimmed]Some facts for you, as obviously you have not understood what a CA is worth that is compromised by either hackers or "authorities". If you want to know more, read articles about closing of CA DigiNotar, like: https://en.wikipedia.org/wiki/DigiNotar Then read US export laws concerning security devices. Then judge your US-issued certs...> Phil-- MfG, Stephan von Krawczynski ------------------------------------------------------ ith Kommunikationstechnik GmbH Lieferanschrift : Reiterstrasse 24, D-94447 Plattling Telefon : +49 9931 9188 0 Fax : +49 9931 9188 44 Geschaeftsfuehrer: Stephan von Krawczynski Registergericht : Deggendorf HRB 1625 ------------------------------------------------------
On 3/14/19 10:08 AM, Stephan von Krawczynski via dovecot wrote:> Some facts for you, as obviously you have not understood what a CA is worth > that is compromised by either hackers or "authorities". > If you want to know more, read articles about closing of CA DigiNotar, like: > https://en.wikipedia.org/wiki/DigiNotarI am well aware of what happens when a CA is compromised and man-in-the-middle attacks become possible. Your initial mail implied that the user's own keys would be compromised. Running your own CA is quite useless for asserting one's identity to random other mail servers as you'd have to get them all to trust you as a CA, with exactly the same problems as any other CA, with anonymity tacked on. DNSSEC would be wonderful if it was commonly supported, but we ain't there yet. The point is that a cert from any currently recognized cert authority is *operationally* better than a snakeoil cert. The practical impact of your initial advice is "don't run a mail server". Also, secrets don't last -- nobody trusts anything that came from DigiNotar. That will happen to any CA caught issuing bogus certs, regardless for whom.> Then read US export laws concerning security devices. > Then judge your US-issued certs...Totally orthogonal to the problem of mutual trust for mail handling.
On Thu, 2019-03-14 at 15:08 +0100, Stephan von Krawczynski via dovecot wrote:> On Thu, 14 Mar 2019 09:51:14 -0400 > Phil Turmel via dovecot <dovecot at dovecot.org> wrote: > > > On 3/14/19 7:40 AM, Stephan von Krawczynski via dovecot wrote: > > > > > Sorry I have to write this, but this is again pointing people in a fake > > > security direction. > > > > You should be sorry, because you are wrong. > > > > > The only valid authority for a certificate is the party using it. Any third > > > party with unknown participants cannot be a "Certificate Authority" in its > > > true sense. This is why you should see "Let's Encrypt" simply as a cheap > > > way to fake security. It is a US entity, which means it _must_ hand out all > > > necessary keys to fake certificates to the US authorities _by law_. > > > > Certificate authorities, including Let's Encrypt, operate on Certificate > > Signing Requests, not Private Keys. Some CAs do offer private key > > generation in their services for the user's convenience, but it is not > > recommended (obviously) and in no way required. Getting a CA to sign a > > CSR in no way exposes keys to that CA, and therefore not to any government. > > > > While there are weakness in the CA trust system, they aren't anything > > related to replacing a snakeoil cert with one from Let's Encrypt. > > > > [rest of ignorant rant trimmed] > > Some facts for you, as obviously you have not understood what a CA is worth > that is compromised by either hackers or "authorities". > If you want to know more, read articles about closing of CA DigiNotar, like: > https://en.wikipedia.org/wiki/DigiNotar > > Then read US export laws concerning security devices. > Then judge your US-issued certs... > > > Phil >I concur Stephan; I apologize to others if I seem ignorant. Just an FYI, a founder of Let's Encrypt, and host of it's website is Akamai, which also hosts nsa.gov, cia.gov, etc. Akami principal founders were a US guy and a US/Israeli spy guy. I once did a traceroute on the mailserver that sent me an email (from a bank); the route went over to Europe, to Virginia, back to Europe, then back to me (in the US). It made me laugh it was so obvious. The bank's service provider that provided the email service ? Akamai. Any time you're using the "internet", well, let's just say that many very intelligent people are quite naive when it comes to internet security. Encryption is just really not that much of a barrier any more. Developers are always told "don't roll your own encryption". Well, to even set up encryption software (algo selection, etc.), it's something that is beyond most of us. I always try to do at least some minimal research to see "what's what", and with encryption it always boils down to having very low confidence that what I'm setting up would take more than a few minutes for a serious "invader" to totally break through. Encryption is being used to promote a false sense of security. It could only be more obvious if NSA directly sold certificates themselves. I'm sure there would be many very intelligent folks who would happily purchase them and think they were the greatest thing since sliced bread. To close rant, in my humble opinion sure, encrypt if you like, give it your best effort, but don't assume that anything is "secure".
On Thu, 14 Mar 2019, John Tulp wrote:> Encryption is just really not that much of a barrier any more.Spoken like someone who hasn't actually tried breaking any of these algorithms. It's not like every, or event most, cryptologists who designs these algorithms, or analyzes them for weaknesses, are in the pocket of the NSA or private interests. Lots of people try really, really hard to find even the slightest flaw. If you're saying it's easier to do an end-run around it, then yes, but that just emphasizes breaking encryption is much harder than alternate methods. Gary wrote:> Is there some reason to use a mail.domain.com cert for mail rarher than > just using domain.com for everything?If you want all your SSL enabled services tied to one fully-qualified domain name, then sure. Even if you have a single swiss-army knife server, you may still want to use multiple-service names for flexibility. For example, you may want to scale out in the future by offloading/autsourcing to another server. You may want to transition to a replacement platform without having to migrate all your services in one fell swoop. Having service hostnames allow you to dissociate a service from the server's hostname. Michael A. Peters writes:> With SMTP, the hostname should match the reverse IP though often it > does not.In the context of certificate authenticity, a forward DNS mapping suffices. Even for spam scoring, FcRDNS is only a weak inference to authenticity. Joseph Tam <jtam.home at gmail.com>