Manual-public-ip-logging-ok deprecated - and now what?

Ok so this flag is deprecated, what is the consequence?

Will there just be no more manual prompt (currently there still is)?

Or is there a different syntax or alternative handling?

Or is this feature simply removed - and that's it? Which would make automating renewal impossible?

Couldn't find the answer so I had to ask.

Seems I mistook the agree-tos prompt for the IP logging one... so I guess there is just no prompt any longer.

Correct, the prompt regarding public IP logging has been removed and thus the CLI option --manual-public-ip-logging-ok has been deprecated. In future Certbot versions the option will be removed (or maybe it already is?) and if that has happened, Certbot will fail if the --manual-public-ip-logging-ok is still used, as it won't recognise that option.

6 Likes
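For the failure described in the answer above (a future Certbot rejecting the unrecognised option), this added example, which is not from the thread or from Certbot itself, finds the flag in renewal scripts and strips it. The function names are hypothetical, and it assumes the flag appears as an unquoted, whitespace-separated token.

```shell
#!/bin/sh
# Added example (not Certbot code): locate and remove the deprecated option
# from renewal automation before a Certbot upgrade stops recognising it.
FLAG='--manual-public-ip-logging-ok'

# Print "file:line:text" for each live use of the flag under the given paths.
# Lines that are only a comment are skipped: they cannot break a Certbot run.
find_deprecated_flag() {
    grep -rnHI -e "$FLAG" -- "$@" 2>/dev/null |
        grep -vE '^[^:]+:[0-9]+:[[:space:]]*#' || true
}

# Remove the flag token from a file, keeping the original as FILE.bak.
# Only the token is dropped, never the whole line, so a trailing "\" line
# continuation in a multi-line certbot command stays intact.
strip_deprecated_flag() {
    _file=$1
    cp -p -- "$_file" "$_file.bak"
    sed -E "s/(^|[[:space:]])${FLAG}([[:space:]]|\$)/\\2/g" \
        "$_file.bak" > "$_file"
}

# Usage (paths are examples, adjust to where your automation lives):
#   find_deprecated_flag /etc/cron.d /etc/systemd/system /usr/local/bin
#   strip_deprecated_flag /usr/local/bin/renew-cert.sh
```
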

The history of this flag is that the original discussions around the creation of Let's Encrypt included the possibility of giving detailed logs of certificate requests to security researchers, or to the general public, to allow for research into patterns of misissuance and maybe to allow domain registrants to learn more details about requests for certificates for their domains (like to track down how misissuance or misconfigurations were happening).

This was contemplated as a heightened transparency mechanism because we were not accustomed to having large-scale 100% automated issuance of publicly trusted certificates, and we knew that some people would be worried that this would be a recipe for lots of misissuance and attacks (particularly since human beings wouldn't necessarily be in the loop to notice anomalies that might indicate an attack). It was also discussed that it might allow outsiders to detect and publicize if Let's Encrypt got hacked (as several other CAs had been in the years immediately prior to the start of the Let's Encrypt project).

This transparency idea would also have hurt users' privacy by revealing more about them, particularly where on the Internet their requests were coming from (which might even be a user's home IP address in the case of someone running --manual on a desktop computer). So the warning was added while Let's Encrypt's eventual log transparency posture and privacy policies hadn't quite been nailed down yet.

Since Let's Encrypt ended up deciding not to publish this information for privacy reasons, it's become misleading to warn users that they have to worry that it will happen. Let's Encrypt log data might potentially be disclosed in response to valid legal requests, but never routinely. (There's also a much greater reliance on the Certificate Transparency system to fill in any transparency gaps about misissuance events, which in retrospect is probably a good compromise, and which much of the PKI community seems to be comfortable with overall by now.)

9 Likes
