I’m not sure if ‘pfg’ is speaking officially for LE or not but I reply to him as he quoted me. If he is a regular supporter then some of this is not directed at him personally even though it might sometimes seem like that, apologies for that.
Sorry just a quick note here so others don’t misunderstand as well. I was (and am) comparing LE with Zimbabwe (1) . I was comparing potentially compromised LE administrators to the dictator, Robert Mugabwe would regularly tell his people what was good for them. Your reasons wondering why LE would be the target of compromise are sadly EXACTLY the reasons that it would be the target. It is free, perceptively light on client details and provides a service that non technical people could integrate in standard software. Now if I was the NSA and wanted a means to inject certificates into small independant sites that wanted to fly under the radar who would I approach, LE is just the ticket, it bullies customers to use a user interface that is a single point of failure for a large number of users, it has a recurring mechanism for monitoring activity, there (may or may not, I don’t have a full understanding of these things) be traffic to the co-signing authority at some stages of preparation or use. All these things lend themselves to being a lovely CA to compromise and are THE MOST IMPORTANT reason that LE should be so open and transparent about why they RECOMMEND the 90 days and be the most willing to accommodate reasonable requests from end users who have LEGITIMATE or PERCEIVED security concerns.
I am making exactly that claim so you can believe it, it has been made by at least one other (perhaps more) on this thread so I am not hallucinating, I am guessing that the thought has crossed a few more minds. Misreading my comment and making it sound like I am trying to make LE out to be bad is not justified, I lie awake at night hoping for a free and open CA (no not relay but I would learn to use it is I trusted it) I want LE to succeed, a cloud of suspicion does not count as success in a security application.
I was not here at the start but again what I have read and what has been written on this thread lead me to believe that this was not the published brief at the start, this is why I and others have justifiable and unanswered cause to say that LE administrators are [quote=“pfg, post:236, topic:264”]
“ignoring” the feedback
Plenty of ‘empty’ feedback that amounts to ‘my way or the highway’ and using words like ‘push’ to motivate your target market are far from a misunderstanding, it is a reasonable assumption to make unless something more clear comes up. We have heard LEs reasons and the replies here have offered some (well) reasoned workarounds to some of the concerns and may even have changed some poeples minds about some reluctance in some cases. But the big one keeps coming up, where is the cost to LE to let the certificates last longer unless it is pushed from upstairs.
Every reply I see supporting the LE way makes me MORE convinced it is a honey-pot because each one is just getting more entrenched with the party line instead of trying to support the STATED target users, those that want a free adjustable lifetime certificate. After all it is so easy to prove me and all the other critics wrong, it is just a constant in a file somewhere, not an optimised or justified ideal that has to be protected at all costs and don’t for a moment think that everyone will dismiss all this dialogue.
As has been advanced by a few others I can only suggest that the way to solve the problem with goal 1 in a robust way is to have a change of heart, (say a security expert recommended it if you want to save face) and make the lifetimes selectable so people have trust in LE and the use of certificates grows.
Then to support the added secondary goal of systemic automation for reasons that are not even all totally clear or universal the LE team will work (probably with enthusiastic support from many volunteers and testers) to make the user interface so easy, secure, open, simple, practical, universal, robust and desirable that people crave to use it. Also publish all the security experts research that shows WHY 90 days is better and how it is so easy to implement.
Just in case the business case is clouding judgement, recall there is no loss of revenue to consider here, something else is at stake.
(1) My apologies to those that are not that altogether familiar with the Zimbabwe case. It was called the bread basket of Africa at one time with huge maize, tobacco, mineral and metal exports. It had one of the highest literacy rates in Africa, the press was free and tourists came to visit. Post Mugabe and hyper inflation the country is a basket case. I hope LE does not take the same direction. We just have to remember what dictators can do, dictate, the reasons do not matter so much in the end if the results are unsound it is a bad ship to sail on.