On 03/05/2018 04:37 PM, Tim Hollebeek wrote:
> I think we may come to regret using that trick so much.  Such schemes
> are only one software bug away from having rather profound effects
> on trust decisions and the entire ecosystem.
This is a good point, but an important mitigating factor is that these
are self-signed certificates, as compared to CT's precertificates, which
are signed by a trusted issuer but poisoned. And they are only presented
when the acme/1 ALPN is negotiated. So you'd need three software bugs,
each of which would be a game-over bug on its own:

 - ignoring a critical extension
 - trusting a self-signed certificate
 - sending acme/1 ALPN for non-validation traffic
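
The ALPN gate described above, seen from the server side, as an added Go example that is not part of the original message or of any ACME implementation. The function names, the placeholder certificates and the rule that acme/1 must be the only protocol offered are assumptions made for the illustration.

```go
package main

import (
	"crypto/tls"
	"fmt"
)

// acmeProto is the ALPN protocol ID named in the message above.
const acmeProto = "acme/1"

// selector returns a GetCertificate callback that hands out the self-signed
// validation certificate only when the ClientHello offers acme/1 and nothing
// else (assumption: a stricter gate than "acme/1 is among the offers").
func selector(regular, validation *tls.Certificate) func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
	return func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
		if len(hello.SupportedProtos) == 1 && hello.SupportedProtos[0] == acmeProto {
			return validation, nil
		}
		return regular, nil
	}
}

// serverConfig wires the gate into a tls.Config. acme/1 must be listed in
// NextProtos so that the protocol can actually be negotiated.
func serverConfig(regular, validation *tls.Certificate) *tls.Config {
	return &tls.Config{
		GetCertificate: selector(regular, validation),
		NextProtos:     []string{"h2", "http/1.1", acmeProto},
		MinVersion:     tls.VersionTLS12,
	}
}

// served reports which certificate a ClientHello with the given ALPN offers
// would receive. The empty certificates are constructed placeholders.
func served(protos ...string) string {
	regular, validation := &tls.Certificate{}, &tls.Certificate{}
	cfg := serverConfig(regular, validation)
	cert, _ := cfg.GetCertificate(&tls.ClientHelloInfo{SupportedProtos: protos})
	if cert == validation {
		return "validation"
	}
	return "regular"
}

func main() {
	for _, offer := range [][]string{{"acme/1"}, {"h2", "http/1.1"}, {"h2", "acme/1"}, nil} {
		fmt.Printf("%v -> %s\n", offer, served(offer...))
	}
}
```

Ordinary clients that offer h2, http/1.1 or no ALPN at all only ever see the regular certificate, so the validation certificate reaches a relying party only if that party itself sends acme/1.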

