Questions re: Production ECDSA allow-list

Yes, got the confirmation mail as well as my first E1-issued certificates, yay!

4 Likes

2 posts were split to a new topic: Apache chain issues with dual RSA/ECDSA certificates

Hi, will the ECDSA release list be updated this week?

3 Likes

Yes! The list was last updated on Friday, July 9th. The next update will be July 15th.

4 Likes

Is there a "public sample website" users can visit in order to check/verify that their clients accept the new production ECDSA certificate chain (the one from the staging environment won't do) without having to create a separate test account and to fill out the aforementioned form? :slightly_smiling_face:

2 Likes

The closest thing actually run by Let's Encrypt themselves is https://valid-isrgrootx2.letsencrypt.org/. However, that site is (intentionally) configured not to send the Root-X2-signed-by-Root-X1 certificate over the wire, so your client will only accept it if it's something like a web browser that already has that certificate in its cache (or has been manually configured to have Root X2 in its trust store directly).

Someone posted their E1 site here publicly, so you might use that, though I believe it only has IPv6 connectivity so if you're using a backwards ISP that hasn't figured out how to do IPv6 yet then you might not be able to see it.

I personally have some E1 certificates but they're for things like my mail server and aren't really publicly accessible. AWS very recently announced support for ECDSA certificates in CloudFront, and I've been meaning to try it out, so maybe at some point I might put a little test site together. Don't hold your breath waiting for me, though, as I have plenty of other little side projects also on my list that I haven't gotten to yet. :slight_smile:

And maybe there's something else out there that I'm not familiar with. Anyone feel like poking through the certificate transparency logs of everything signed by E1 and see if there's a good test site somewhere? It's hard to exclude all the radiantlock.org certs that Let's Encrypt uses for testing but that aren't really public as far as I know.

5 Likes

For an IPv4 + IPv6 capable system, you can check out https://ecdsa-test.germancoding.com/ (Note that this is not official either)

It requires SNI though, but almost every TLS implementation does this nowadays. If you don't send SNI, you also get a valid cert, but with RSA key*.

Also note that the new ECDSA chain is just some intermediates terminating at ISRG Root X1 (ISRG Root X2 is considered an intermediate as of today, as it's not in root programs yet). Any client supporting ECDSA and trusting ISRG Root X1 should have no trouble with the chain. For ISRG Root X1, there is an official public test site (with RSA leafs and intermediates): https://valid-isrgrootx1.letsencrypt.org/

*If you do send SNI, but do not support ECDSA, you get an SSL/TLS handshake error (this is useful to check for ECDSA support). On my main pages I have an automatic RSA fallback, which is deliberately disabled on this test page.

5 Likes

Hi.
Am I supposed to get a confirmation email when I have been accepted onto the allow-list for ecdsa cert issuance?
Thanks

2 Likes

Yes, I got a confirmation email.

3 Likes

Usually yes, but you may be on the list even before you receive the email.

3 Likes

Okay, thanks, maybe it'll take a while before I get it.
Filled in the allow-list form last weekend and noticed today I was able to issue an ecdsa cert from E1.

2 Likes

Any (modern) Firefox will work. Firefox concludes that this is trustworthy because it inherently knows X2 is signed by X1. When you download Firefox a complete set of such trust relationships for unconstrained intermediate CAs is included in the box. Mozilla policy requires CAs, such as Let's Encrypt, to provide it with copies of such certificates whenever they issue them. Even the bare leaf certificate would work, Firefox will see that it has a valid signature from E1, and that's enough to work out that it's trustworthy.

You shouldn't configure your web sites this way, but some people do and Firefox works anyway.

2 Likes

I've reworked the test page to include some TLS data, to make it a bit more interesting. Would like to have a display too that shows if the connection actually used an ECDSA certificate*. Sadly I don't see an easy way to do this with current setup...

*This is rather easy on TLS 1.2, as one just needs to look at the signature algorithm in the cipher suite. TLS 1.3 doesn't have this anymore though, so it's not a viable solution anymore.

2 Likes
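The two checks discussed above (the SNI/no-SNI behaviour of the test page, and telling whether a connection was actually authenticated with an ECDSA certificate once TLS 1.3 stops encoding that in the cipher-suite name) can be scripted. The following is an added example, not code from the thread or from either test site; the function names and the embedded test certificates are this example's own, and the probe works against any HTTPS host.

```python
import socket
import ssl  # added example; function and constant names are this example's own

KEY_OIDS = {"1.2.840.10045.2.1": "ECDSA",   # id-ecPublicKey
            "1.2.840.113549.1.1.1": "RSA"}  # rsaEncryption

def _tlv(buf, pos=0):  # read one DER tag-length-value at pos -> (tag, value, next_pos)
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def _children(body):  # split a DER SEQUENCE body into its (tag, value) elements
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = _tlv(body, pos)
        out.append((tag, val))
    return out

def _oid(raw):  # decode OID content bytes to dotted form
    arcs, n = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        n = (n << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, n = arcs + [n], 0
    return ".".join(map(str, arcs))

def spki_key_algorithm(spki_body):
    """'ECDSA', 'RSA' or the raw OID, given the body of a SubjectPublicKeyInfo SEQUENCE."""
    oid = _oid(_children(_children(spki_body)[0][1])[0][1])  # AlgorithmIdentifier.algorithm
    return KEY_OIDS.get(oid, oid)

def cert_key_algorithm(cert_der):
    """Same for a whole DER certificate: walk to tbsCertificate.subjectPublicKeyInfo."""
    tbs = _children(_children(_tlv(cert_der)[1])[0][1])
    if tbs[0][0] == 0xA0:  # skip the optional [0] EXPLICIT version
        tbs = tbs[1:]
    return spki_key_algorithm(tbs[5][1])  # serial, sigAlg, issuer, validity, subject, SPKI

def auth_from_cipher(cipher, version):
    """TLS 1.2 suite names carry the auth algorithm (ECDHE-ECDSA-...); TLS 1.3 names do not."""
    return None if version == "TLSv1.3" else ("ECDSA" if "ECDSA" in cipher else "RSA")

def probe(host, port=443, send_sni=True):
    """Connect and return (version, cipher, key algorithm); send_sni=False mimics a legacy client."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = send_sni  # without SNI there is no name to match; the chain is still verified
    with socket.create_connection((host, port), timeout=10) as raw, \
            ctx.wrap_socket(raw, server_hostname=host if send_sni else None) as tls:
        alg = auth_from_cipher(tls.cipher()[0], tls.version()) or cert_key_algorithm(tls.getpeercert(True))
        return tls.version(), tls.cipher()[0], alg
```

Running `probe("ecdsa-test.germancoding.com")` and `probe("ecdsa-test.germancoding.com", send_sni=False)` should show the ECDSA and RSA results described above; a client without ECDSA support fails the handshake in the first call instead of reaching the certificate check.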

I submitted the form on Aug 17, 2021, but I still haven't received the email. Is this normal?

2 Likes

FWIW it's been 13 days between confirmation of my ID and pushing to production.

2 Likes

That's too bad :frowning:
Hope to improve the process and increase transparency.

2 Likes

This is a manual process, I believe, so we appreciate your patience with the staff.

:pray:

2 Likes

Yes. We review the form data on Tuesdays or Wednesdays each week, update the allow-list, push the change to production (approximately) on Thursday, then notify subscribers when it is updated. It's possible that you missed the cut-off but equally likely that we are a little behind schedule. Thanks for your patience.

6 Likes

While I'm sure nobody was actually waiting for me, I did want to play around with the new ability to use imported ECDSA certificates in AWS CloudFront and so I put together a test site of my own. Just in case it's useful to people to have yet another to try out, it's at https://le-e1-test.cooperjr.name/. It's about the simplest possible page one can make, and is serving the E1-signed-by-ISRG-Root-X2-signed-by-ISRG-Root-X1 chain. (And obviously, there's nothing "official" about it and I may take it down eventually.)

5 Likes