undefined | Better HN

0 pointsmastax10y ago0 comments

An argument can be made that Let's Encrypt doesn't need wildcard certificates since new certs can be generated automatically every time a subdomain is added.

0 comments

robryk10y ago

An interesting usecase of wildcard certs: when I do not want to publish the hostnames I am using. Sandstorm[1] uses unpredictable hostnames as one mitigation against various cross-origin attacks -- if the attacker doesn't know the domain of the app, he can't try to use XSRF against it[2].

[1] https://sandstorm.io [2] https://docs.sandstorm.io/en/latest/using/security-practices...

icebraining10y ago

If you are willing to only accept SNI enabled clients (the vast majority nowadays), you can achieve the same by having one cert issued per subdomain, then configuring the web server/reverse proxy to use them.

There are a few existing Nginx configs for that (search for "nginx dynamic ssl cert").

schoen10y ago

I think there are other problems for doing this for Sandstorm. One is the delay when starting to use a new hostname (right now Let's Encrypt might take around 20 seconds to issue a new hostname, which may well increase to the originally-predicted one minute eventually), while another is that all Let's Encrypt certificates are published, so if you really want the hostname to be completely unknown to an attacker, the individual Let's Encrypt certs wouldn't work.

Anyway, Sandstorm developers told me that they wouldn't plan on using Let's Encrypt while it doesn't offer wildcards, so I think we are missing out on supporting this use case.

robryk10y ago

Certs are published in certificate transparency logs, which would make the hostnames public.

discreditable10y ago

Any level of reliance on hostnames being secret seems like a very poor design decision.

kentonv10y ago

It's a mitigation strategy for other bugs, not a first-line defense. Read the doc before passing judgment.

toomuchtodo10y ago

True! But wildcards make cert management so much easier. If I have a handful of subdomains, that's fine. If I have thousands, I want a wildcard cert.

vetrom10y ago

Arguably though wildcard certs are a bad hack on security, as it binds multiple distinct endpoints to a given keypair.

Given the occasional implementation weakness, and key recoveries, I would much rather bind only one key to a name.

chipperyman57310y ago

It would be relatively easy to write a simple bash script to automate it. Granted, it might take a bit of time to generate a few thousand certs, but it wouldn't take more than a day if you only have a thousand or so.

dingaling10y ago

It's not just creating the certs that is the challenge but also managing them; back-up, revocation, re-testing after expiry and across different development environments etc

And from the client perspective is makes pinning much easier.

I'm not a fan of one-wildcard-to-rule-them either but keeping active certs to a handful through the judicious use of wildcards is a real boon.

1 more reply

j / k navigate · click thread line to collapse

0 comments

robryk10y ago

[1] https://sandstorm.io [2] https://docs.sandstorm.io/en/latest/using/security-practices...

icebraining10y ago

There are a few existing Nginx configs for that (search for "nginx dynamic ssl cert").

schoen10y ago

Anyway, Sandstorm developers told me that they wouldn't plan on using Let's Encrypt while it doesn't offer wildcards, so I think we are missing out on supporting this use case.

robryk10y ago

Certs are published in certificate transparency logs, which would make the hostnames public.

discreditable10y ago

Any level of reliance on hostnames being secret seems like a very poor design decision.

kentonv10y ago

It's a mitigation strategy for other bugs, not a first-line defense. Read the doc before passing judgment.

toomuchtodo10y ago

True! But wildcards make cert management so much easier. If I have a handful of subdomains, that's fine. If I have thousands, I want a wildcard cert.

vetrom10y ago

Arguably though wildcard certs are a bad hack on security, as it binds multiple distinct endpoints to a given keypair.

Given the occasional implementation weakness, and key recoveries, I would much rather bind only one key to a name.

chipperyman57310y ago

dingaling10y ago

It's not just creating the certs that is the challenge but also managing them; back-up, revocation, re-testing after expiry and across different development environments etc

And from the client perspective is makes pinning much easier.

I'm not a fan of one-wildcard-to-rule-them either but keeping active certs to a handful through the judicious use of wildcards is a real boon.

1 more reply

j / k navigate · click thread line to collapse