Let's Encrypt is Not a Really, Really, Really Bad Idea!

(Did I mention it's not a bad idea)

This is a response to the Medium articles on Let's Encrypt being a really, really, really bad idea, located here: https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801 and https://medium.com/swlh/why-lets-encrypt-is-a-really-bad-idea-part-ii-b05944c1c501

First of all, I don't know the author, and I am not associated with Let's Encrypt or any other Certificate Authority.  I am simply a development and security professional concerned about incorrect, incomplete, or bad information making the rounds.  This article has been forwarded to me about five or six times in the last few weeks and has certainly generated a lot of conversation.  Unfortunately, the conversation is not a good one.

Right now if you type "Let's Encrypt" into Google you get this article showing up at about number five on the first page of results.  Most security teams err on the side of caution, and if there is an article at the top of your search results called "Let's Encrypt is a Really, Really, Really Bad Idea" it is going to freak people out.  Either this guy works for a CA, makes money off of a CA, or is simply really bad at security.  I'm not sure how he got Medium to even post it.

Let's take a look at how Let's Encrypt works and what the risks are.  Yes,  there are always risks.  No security is perfect...

How it works

Let's Encrypt is based on the ACME protocol which makes it possible to automate the certificate request, issuance, and revocation process.  This is accomplished by running a certificate management agent on the web server.  There are many, many clients that can do this for you.  If you are just getting started with Let's Encrypt I recommend [CertifyTheWeb](https://certifytheweb.com/).  They have a nice interface.

The first thing that happens is that Let's Encrypt identifies the administrator by a public key.  The agent generates a new key pair and proves to Let's Encrypt that it controls one or more domains.  Next, the agent asks the Let's Encrypt CA what challenges it needs to complete to prove that it controls the domain.  In most cases this is a DNS record.  Once this is done the agent is authorized and is free to perform certificate operations with the newly authorized key pair.
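As an added example (not code from the original post, from Let's Encrypt, or from any ACME client), here is the arithmetic behind the challenge step described above, following RFC 8555 (ACME) and RFC 7638 (JWK thumbprints): the agent's account key is identified by its thumbprint, the CA hands the agent a random token, and the agent proves control of the domain by publishing a value derived from both.  The JWK coordinates and the token below are constructed placeholders, not a real key or a real CA token.

```python
import base64
import hashlib
import json
from typing import Tuple


def b64url(data: bytes) -> str:
    """Base64url without '=' padding, the encoding both ACME (RFC 8555) and JWK (RFC 7638) use."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


# JWK members that feed the thumbprint, per RFC 7638 section 3.2; optional members are excluded.
_THUMBPRINT_MEMBERS = {
    "RSA": ("e", "kty", "n"),
    "EC": ("crv", "kty", "x", "y"),
}


def jwk_thumbprint(jwk: dict) -> str:
    """RFC 7638 thumbprint: SHA-256 over the canonical JSON (sorted keys, no whitespace)
    of the required members only, so member order and extra members do not change it."""
    members = _THUMBPRINT_MEMBERS[jwk["kty"]]
    canonical = json.dumps({m: jwk[m] for m in members}, sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def key_authorization(token: str, account_jwk: dict) -> str:
    """RFC 8555 section 8.1: binds the CA's token to the agent's account key."""
    return f"{token}.{jwk_thumbprint(account_jwk)}"


def dns01_txt_value(token: str, account_jwk: dict) -> str:
    """DNS-01 (RFC 8555 section 8.4): the TXT record published at _acme-challenge.<domain>
    carries base64url(SHA-256(key authorization))."""
    digest = hashlib.sha256(key_authorization(token, account_jwk).encode("ascii")).digest()
    return b64url(digest)


def http01_resource(token: str, account_jwk: dict) -> Tuple[str, str]:
    """HTTP-01 (RFC 8555 section 8.3): path and body the web server must serve over port 80."""
    return f"/.well-known/acme-challenge/{token}", key_authorization(token, account_jwk)


def ca_accepts_dns01(observed_txt: str, token: str, account_jwk: dict) -> bool:
    """What the CA checks after querying DNS: the published value must match exactly.
    A value computed with any other account key or token fails, so a leaked token alone
    lets nobody complete the challenge for an account they do not hold the key for."""
    return observed_txt == dns01_txt_value(token, account_jwk)


# Constructed example account key: a P-256 JWK shape with placeholder coordinates, NOT a real key.
EXAMPLE_JWK = {
    "kty": "EC",
    "crv": "P-256",
    "x": "EXAMPLE_X_COORDINATE_NOT_A_REAL_KEY",
    "y": "EXAMPLE_Y_COORDINATE_NOT_A_REAL_KEY",
    "use": "sig",  # optional member, deliberately ignored by the thumbprint
}
# Constructed token; in real use the CA generates this and sends it in the challenge object.
EXAMPLE_TOKEN = "constructed-token-0123456789"

if __name__ == "__main__":
    txt = dns01_txt_value(EXAMPLE_TOKEN, EXAMPLE_JWK)
    path, body = http01_resource(EXAMPLE_TOKEN, EXAMPLE_JWK)
    print("DNS-01 TXT value:", txt)
    print("HTTP-01 resource:", path, "->", body)
    print("CA accepts published value:", ca_accepts_dns01(txt, EXAMPLE_TOKEN, EXAMPLE_JWK))
```

The point worth noticing is that the agent never has to reveal its private key to prove control: the CA only needs the account key's thumbprint and its own token, and the challenge value is worthless to anyone who does not hold that account key.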

How Let's Encrypt is Better

Renewals - What I like about Let's Encrypt is that renewals happen more frequently than they do with the traditional CA process.  When I buy a certificate from Comodo or another CA I generally buy a one or two year certificate, and I don't do anything until some alert (or, more often, a spreadsheet or email) tells me that it is going to expire.  If that certificate is compromised, the window during which I am operating in a breached environment can be much longer.

Automation - Automation is good.  I have no idea why Medium article guy is arguing against automation.  Maybe he likes clicking things and making mistakes.  I embrace our future robot overlords and you should too.

No Wildcards - Let's Encrypt does SANs (Subject Alternative Names) but does not support wildcards.  This is generally a good practice.

So what are the Risks?

The article's original premise for Let's Encrypt being bad was that it is a big target and that the people running it don't have a profit motive to do a good job.  This argument is based on a false premise and cannot result in a valid risk assessment.  It is the same argument given against open source software.  I hate to quote Donald Trump, but this actually is "Fake News".

There are a couple of things that are worth discussion.

  1. A compromised agent program that is sending data somewhere else.  However, this is easily remedied by following the clean source principle and monitoring what the agent is doing.
  2. The ACME protocol is relatively new.  Can it be compromised?  I think it is pretty safe given that it was designed by the ISRG, but this is always something to stay on top of, so keep up with the news.  Protocols generally go through a few versions.  Let's Encrypt is also not the only CA to use it.  It was the first for sure, but ACME is gaining adoption rapidly.

I will leave you with this...

Use your best judgement.  Let's Encrypt is not a fit for every environment.  Try it out in test or lab environments.  See how automation can make our lives easier and more secure at the same time, and maybe you can save your business a few thousand dollars a year.