Am 28.11.2016 um 23:23 schrieb Alice Wonder: > On 11/28/2016 02:12 PM, Raoul Bhatia wrote: >> I've successfully transitioned existing StartSSL certificates + HPKP / >> HSTS to letsencrypt.sh (via the Debian package). >> >> I know I am not the first to do such a thing, but maybe you'd like to >> have some quick pointers to get this resolved ASAP. >> >> Raoul >> >> PS. The most important thing is to initially tell letsencrypt.sh to >> reuse an existing private key for requesting new certs. > > And that is exactly why I never use HPKP - it does not give the system > administrator any flexibility when a new cert / key is needed. > > In theory there should be a backup key already with a pin to take care > of cases where the private key is compromised, but as soon as you have > to use it you are vulnerable to bricking the site for some users if that > key needs to be revoked. > > It also gives no flexibility whatsoever when you have to fire a system > administrator who may have had access to private keys. Normally in that > situation you generate new keys, but with HPKP you are stuck keeping the > old keys active until the new keys have had their pins in the header > longer than the TTL. >
This issue can be solved by using sort life spans for certificates/keys like lets encrypt does. At least it reduces the drawbacks > Why people like HPKP so much is a real mystery to me. > Because HPKP recreates some level of trust in a (almost) compleately broken and highly flawed system? With HPKP mitm attacks by skilled adversaries is almost impossible while without it mitm is a piece of cake, especially for government agencies. It does a great deal for the trust of the certificate system. > _______________________________________________ > Ach mailing list > [email protected] > http://lists.cert.at/cgi-bin/mailman/listinfo/ach
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Ach mailing list [email protected] http://lists.cert.at/cgi-bin/mailman/listinfo/ach
