Let's Encrypt is based in the US and subject to US laws

Good questions all. I can't speak too much to other things they could do, but here's some comment on the ones your brought up:

  1. Yes, they could revoke a certificate. But while this could cause some availability issues for your users, it wouldn't compromise confidentiality or integrity.
  2. Let's Encrypt could issue a counterfeit certificate, but that's why all certificates are reported in the Certificate Transparency log. If you're concerned about this, you could watch for certificates being issued with your domain name that were never in used on your servers.
  3. Again, this is the benefit of Certificate Transparency. Users could cross-check against the CT logs to ensure that any given certificate is valid. This will be slightly less effective than watching for a certificate on your domain, but in theory a rogue certificate could still be identified.

In terms of its impact on Confidentiality and Integrity, I'd be most concerned about a supply-chain attack on the tools that you use the request a Let's Encrypt certificate. The default tool - certbot - requires a great deal of access, because it's also designed to install the certificates in a variety of web servers, and the designers felt that if you are issuing certificates you should be root anyway. Fortunately, the tool is open source with over 300 direct contributors, so slipping something into the tooling would be less likely than say... slipping something into one of the libraries you use for your web application.


And

  • They could refuse to issue new certificates.
  • They could be forced to give your personal data (registration email, list of linked domains to your ACME account, IPs of your server, ...) to US Authorities.
  • They could be forced to give personal data (IPs, user-agent, ...) of the visitors of your website (using OCSP requests) to US Authorities. (OCSP staple can prevent that)
  • They could prevent some of your visitors to reach your website by refusing to answer to OCSP requests (If their browser have an hard-fail for OCSP configured. And maybe they could send a "revoked" OCSP answer only to them). OCSP staple can prevent that too

And they do post (some) stats about these requests: ISRG Legal Transparency Reports

Other related links on https://community.letsencrypt.org:

  • Details on the two US Subpoenas received

  • According to mcclatchydc.com Let’s Encrypt revoqued and banned USAReally.com

  • Certificates for US sanctioned countries

  • Let’s Encrypt and U.S. laws

Tags:

Certificate Authority

Letsencrypt

Tls

Government

Related

How does full disk encryption cater for overprovisoned disk space in flash devices and can this result in data leakage? Does the destruction of sensitive information limit the choice of hard drives to non-flash based devices? Why is Gbt3fC79ZmMEFUFJ a weak password? How do I monitor what a penetration tester is doing? How can SSH server know private key is incorrect if passphrase havent been provided yet? Is ssh with public key authentication, no passwords secure enough? Is there a way to make sure my government does not swap out SSL certificates? Can someone read my E-Mail if I lose ownership of my domain? A site supports Public key length of 256 bits while best practice is 1024+ - what does this mean? How does medium.com know my google account? Apparmor - how to 'allow everything' rule, then tighten up? MAC randomization for Bluetooth?

Recent Posts