Why are you calling Let's Encrypt low-assurance? The ACME protocol verifies
that the requester of the certificate controls the domain.

Honestly, I don't understand the problem you're trying to solve. Obtaining
a TLS certificate is not a hurdle any more nowadays, as it can trivially be
done automatically using ACME.
Some web servers (like Caddy) even do it for you on the fly, making it
trivial to set up a server with a proper TLS configuration.


On Thu, 30 Mar 2023 at 10:07, Yannick LaRue <YannickL=
[email protected]> wrote:

> Dear TLS Working Group,
>
> Thank you for your response to our previous message from Eric Rescorla. We
> appreciate your clarification on the use of ECDH ephemeral for encrypting
> the exchange of certificates in the TLS 1.3 handshake.
>
> Based on this information, we have a new proposal to make TLS universal
> and promote the use of encryption across the internet. Our idea is to use
> ECDH ephemeral to create secure connections for sites that do not have
> certificates. This will provide a low level of security for these sites,
> but still better than the current situation where plaintext HTTP is used
> for these sites. Furthermore, using a certificate for a site should provide
> a medium level of security, which is already the case. Finally, mutual
> authentication should provide a high level of security. We believe this
> approach would be in line with the spirit of the Browser Forum, which seeks
> to promote universal encryption on the internet.
>
> Furthermore, our proposal to use ECDHE for securing connections without a
> certificate provides the same level of assurance as the use of
> low-assurance certificates, such as those issued by Let's Encrypt or
> Cloudflare, which do not guarantee the identity of the server and its
> owners. In fact, many certificates simply guarantee that the site is hosted
> by a particular provider, such as the certificate used by any site on
> Cloudflare, which lists Cloudflare, Inc. as the organization. Our proposal
> offers a more universal approach to encryption that doesn't rely on
> specific certificate authorities or their levels of assurance, and it would
> bring the benefits of encryption to all sites, regardless of their level of
> technical sophistication or resources.
>
> Additionally, it is worth noting that many websites currently use
> low-assurance certificates simply to meet TLS requirements and enable
> encryption on their channels. This practice goes against the original
> philosophy of TLS, which was designed to provide strong assurance of server
> identity. Therefore, our proposal to include a low-assurance level using
> ephemeral ECDH in TLS would not only make the protocol universal but also
> help mitigate this problem. This reinforces the idea of including a method
> within TLS for users to securely utilize the protocol without having to
> resort to workarounds.
>
> We believe that by making encryption available to all sites, we can
> promote greater security on the internet. This proposal will also help
> users understand the level of security provided by their connections and
> will encourage them to demand stronger security where it is necessary.
>
> Thank you for your consideration, and we look forward to your response.
>
> Best regards,
>
> Yannick LaRue
>
> SSE Carte à Puce Inc.
> _______________________________________________
> TLS mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/tls
>
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
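The reply above rests on one point: an ACME CA does not hand out a certificate for a name until it has verified that the account asking for it controls that name. The following is an added example, not code from the thread or from any ACME implementation, that models the HTTP-01 check a CA performs (RFC 8555 section 8.3, with the JWK thumbprint of RFC 7638). The account keys, the token and the in-memory "web servers" are constructed for the demonstration; a real CA would fetch over the network from several vantage points.

```python
"""Model of the ACME HTTP-01 domain-control check (added example, RFC 8555 s.8.3).

The CA gives the account a random token; the account must publish
token + "." + thumbprint(account_key) at a well-known URL on the domain.
Only a party that controls both the account key and the web server for that
name can do so, which is what "domain validation" actually verifies.
"""
import base64
import hashlib
import json
import secrets
from typing import Callable, Optional


def b64url(data: bytes) -> str:
    """base64url without padding, as used throughout ACME/JOSE."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint: SHA-256 over the canonical JSON of the required
    members only (sorted keys, no whitespace), base64url-encoded."""
    required = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}[jwk["kty"]]
    canonical = json.dumps({k: jwk[k] for k in required},
                           sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("ascii")).digest())


def key_authorization(token: str, account_jwk: dict) -> str:
    """What the account must publish: binds the CA's token to the account key."""
    return f"{token}.{jwk_thumbprint(account_jwk)}"


def verify_http01(domain: str, token: str, account_jwk: dict,
                  fetch: Callable[[str], Optional[str]]) -> bool:
    """CA side: fetch the challenge URL and compare against the expected value.

    `fetch` returns the response body or None; it stands in for the CA's
    HTTP client (which would also follow redirects and limit body size).
    """
    url = f"http://{domain}/.well-known/acme-challenge/{token}"
    body = fetch(url)
    if body is None:
        return False
    expected = key_authorization(token, account_jwk)
    # Constant-time comparison so timing does not leak how much matched.
    return secrets.compare_digest(body.strip(), expected)


# --- constructed demo data (not real keys; coordinates are placeholders) ---
ACCOUNT_JWK = {"kty": "EC", "crv": "P-256",
               "x": "constructed-x-coordinate-for-demo", "y": "constructed-y-coordinate"}
OTHER_JWK = {"kty": "EC", "crv": "P-256",
             "x": "some-other-account-x", "y": "some-other-account-y"}
# RFC 8555 requires the token to carry at least 128 bits of entropy; this
# fixed value is constructed so the demo is reproducible.
TOKEN = "constructed-token-AbCdEf0123456789"


def build_demo_web() -> dict:
    """Constructed in-memory web servers: URL -> response body."""
    return {
        # legit.example is controlled by the requesting account: publishes the right value
        f"http://legit.example/.well-known/acme-challenge/{TOKEN}":
            key_authorization(TOKEN, ACCOUNT_JWK),
        # other.example published a key authorization for a different account key
        f"http://other.example/.well-known/acme-challenge/{TOKEN}":
            key_authorization(TOKEN, OTHER_JWK),
        # silent.example publishes nothing at the challenge path
    }


def run_demo() -> dict:
    """Run the CA check against each constructed server for the same account."""
    fetch = build_demo_web().get
    return {
        "legit": verify_http01("legit.example", TOKEN, ACCOUNT_JWK, fetch),
        "wrong_account": verify_http01("other.example", TOKEN, ACCOUNT_JWK, fetch),
        "not_published": verify_http01("silent.example", TOKEN, ACCOUNT_JWK, fetch),
    }


if __name__ == "__main__":
    for name, ok in run_demo().items():
        print(f"{name}: {'validated' if ok else 'rejected'}")
```

Only the server that both holds the account key and controls the name passes; publishing someone else's key authorization, or nothing at all, is rejected. That binding of account key to demonstrated control of the name is what the certificate attests, which is why the reply disputes the "low-assurance" label: the assurance is about control of the domain, not about the legal identity of the operator.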
