Please look up the word “responsibility”.
Useless feedback…
You had your feedback. Your continued insistence that you are correct in the way you are conducting things is just further proof that this service is not trustworthy.
Believe what you want.
I’m guessing the OP finds nothing wrong with scam and/or phishing mails/sites too. Because if we have to follow his argumentation, all the users of the internet should be able to know or be able to know/find out if a site/mail/whatever is trustworthy or not.
Whereas in reality among all those users which cán differentiate between benign and malign, there’s a significant percentage of users who are completely oblivious to risks of any kind. And unfortunately, as we’ve seen on this community, there are a lot of users experimenting with Let’s Encrypt who shouldn’t run a webserver connected directly to the internet at all.
And you’re asking those oblivious people to enter their FTP information, possibly giving up sensitive information. You even give them the choice of unencrypted FTP… How 1999 is thát?
All these choices, the lack of taking responsibility, is further enabling poorly managed servers by poorly educated “admins” to exist on the internet.
These n00bish “admins” think their server is safer. It probably isn’t. Their WordPress sites are probably still ancient, while they think “but I have SSL now! I’m SAFE!”. (Helloooo new addition to a spam-botnet!) The fact they need a site like yours proves they are idiots. (And that’s not a complaint to your site, but to the users…)
I stand by my conclusion: your site shouldn’t exist. There is no place for it, how nicely set up it might be. Not in its current form anyway.
@sjdfnldas: Initially I had the impression that you were honestly trying to provide a helpful service for the less tech-savvy users who might not succeed in using the provided clients on their servers or local machines directly.
But your stubborn rejection to accept that your concept contains flaws really makes me wonder. If there is even the slightest chance that users give their private key away, the solution is bad and should either be fixed or taken down.
It’s not about trusting the browser, it’s about eliminating any chance of wrong doing.
Personally, I don’t see the point of such a service (besides any implementation issues). The way I see it, Let’s Encrypt is all about automation and currently targets tech-savvy users and engineers who are willing and able to overcome any hurdles that the current clients might still present and provide feedback to the developers to improve the situation to make it ready. After all, we’re still in beta.
Opening the process to less tech-savvy users should be left to service providers who can integrate Let’s Encrypt into their offerings once it has matured. Manual solutions are a call for trouble in itself and should be avoided at all cost.
Assume what you want. I give everyone all the choices necessary and recommend the best ones. If a person doesn’t have secure FTP and can’t do manual verification he shouldn’t be denied an SSL Certificate.
All major FTP clients give the choice of unencrypted FTP because in reality many servers don’t have secure FTP. Standards move forward because the right people work towards it, not sit here and complain.
Let's Encrypt is all about automation and currently targets tech-savvy users and engineers
I believe that everyone should have access to it even if they aren't technical. I do accept that it contains flaws but I believe it is the right balance between accessibility and security.
Do you have any plans of allowing users to use their own CSR?
I thought about it but if you know how to generate a CSR then https://gethttpsforfree.com is the better choice.
It’s actually added now after a bunch of requests and looking at how much of a pain gethttpsforfree is to an average user.
@sjdfnldas even if the key is supposedly generated in the browser, the point that you use a fallback that generates the key on-server makes it hard to verify whether a key is really generated in-browser.
especially for the non-techy people (your target group)
Please read the how it works section on the home page https://www.sslforfree.com/. If you want to be fully protected then provide your own CSR.
Well, if it is supported that is nice, but what if something (software can be scary stuff) interferes with the feature so that it can’t be used for one reason or another (or the most simple example, the JavaScript fails to load because of slow and/or unstable internet, happened to me often enough)
then you cannot see whether the key was actually generated in browser or not.
If javascript fails to load then nothing will work…
@sjdfnldas I’ve not reviewed your implementation, but don’t let your detractors dismiss your solution simply on the basis of where the keys are. AWS is a huge respected organization, and their Amazon Certificate Manager (similar to LE) also does not allow the end user to access their private keys, exactly like yours.
https://aws.amazon.com/certificate-manager/faqs/#private_keys
The level of complexity/access required for an (otherwise properly used) private key to be useful for malicious purposes makes the discussion a little comical. Let’s do a little experiment…we can fire up a throwaway webserver on a throwaway domain, obtain and install a cert. @TCM (and others)…what would/could you do if I gave you the private key? You are going to run into DNS challenges before you can do anything malicious with it, except maybe locally on a LAN/DNS implementation that you control.
But at least for spying on users in the controlled network it is entirely possible, or DNS cache poisoning; there’s enough bad stuff that can happen, and the weakest link breaks the chain.
That's not a really good argument. AWS needs the private key anyway..
Don’t feed the trolls.
Some guy that can’t get Python to run on Windows? SRS’LY?
I like the website - I would never use it as I am paranoid but I think that you are providing clear communications on how the process is done and that is good.
You have changed aspects of the website based on feedback and that is also good. I believe many of the dissident commenters here have a good technical knowledge and as such can see the flaws in a website such as this. Privacy and security are paramount and there is always a risk of private key exposure in this method.
Without a doubt the most secure way of setting up Let’s Encrypt is doing it yourself and not using a third party website. But I can see that you are trying to make it easier for those with less technical knowledge. You need to be aware though that you are now under scrutiny for being trustworthy, perhaps more so than your website.
Thanks.