Security implications of not using email

It is unclear to me exactly how important LE accounts and their emails are. I know I can either put my email with an --email flag or use --register-unsafely-without-email. My boss does not want me to disclose our emails. However, I understand it may be “unsafe”. I wish to know how exactly “unsafe” it is. What are the possible risks and implications of not supplying an email or supplying the wrong one?

I know I will not receive expiration notifications. Is that the only reason, or is there something else to it?

Will I always be able to get a certificate as long as I can pass the challenges?

You have some details about how the email is used there: https://letsencrypt.org/privacy/#subscriber

Mainly, it’s to send a reminder to renew the certificate when one expires and you didn’t create a new one, but you can (should) have a monitoring service for that.

But it may also be used in some cases to inform users of some ACME software of a bug, for example.

Also, if technically possible, you can register an email alias (ex. letsencrypt@yourcorp.com ) that redirects to the person(s) in charge so you don’t have to disclose any existing email.

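The answer above says the expiry reminder is something you can (should) replace with your own monitoring. As an added illustration, not code from the thread or from Let's Encrypt, here is a small stdlib-only monitor: `days_left` and `expiring_soon` work on the `notAfter` string that Python's `getpeercert()` (and `openssl x509 -enddate`) report, and `fetch_not_after` pulls that value from a live host when network access is available. The hostnames and dates in `SAMPLE_INVENTORY` are constructed for the example.

```python
import ssl
import socket
from datetime import datetime, timezone

# Constructed sample inventory for the example: (hostname, notAfter as returned by
# getpeercert()["notAfter"]). These are made-up values, not data from the thread.
SAMPLE_INVENTORY = [
    ("example.com", "Jun  1 12:00:00 2025 GMT"),
    ("shop.example.com", "Mar 20 08:30:00 2025 GMT"),
]


def days_left(not_after: str, now: datetime) -> int:
    """Whole days until the certificate's notAfter.

    not_after uses the openssl/getpeercert text format, e.g. "Jun  1 12:00:00 2025 GMT";
    ssl.cert_time_to_seconds parses it as UTC. A negative result means already expired.
    """
    expires = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), tz=timezone.utc)
    return (expires - now).days


def expiring_soon(inventory, now: datetime, threshold_days: int = 30):
    """Return [(host, days_left)] for every entry with fewer than threshold_days left.

    Hook whatever alerting you already run (mail, chat, pager) on a non-empty result;
    this is the check the Let's Encrypt expiry email would otherwise do for you.
    """
    flagged = []
    for host, not_after in inventory:
        remaining = days_left(not_after, now)
        if remaining < threshold_days:
            flagged.append((host, remaining))
    return flagged


def fetch_not_after(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Live check: read the leaf certificate's notAfter over a verified TLS handshake.

    Needs network access; the default context verifies the chain and hostname, so an
    already-expired or mis-issued certificate raises instead of returning a date.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()["notAfter"]


if __name__ == "__main__":
    now = datetime.now(tz=timezone.utc)
    for host, remaining in expiring_soon(SAMPLE_INVENTORY, now):
        print(f"{host}: {remaining} days left, renew now")
```

Run it from cron with your real inventory (or a list built by calling `fetch_not_after` on each hostname) and a threshold comfortably above your renewal cadence; since the thread notes that certificates keep being issued as long as the challenges pass, this check rather than the reminder email is what catches a renewal that silently stopped.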
That’s correct, thanks for the great answer @tdelmas

We frequently reach out to contact addresses when diagnosing/blocking weird traffic from buggy clients. We also use it to contact users that are relying on features that are being deprecated that will affect their renewals (e.g. if you were prev. renewing a certificate with the now-defunct TLS-SNI-01 challenge).

+1. I do think it’s worthwhile providing an email address unless it’s absolutely impossible.

This would be easier in our case if there was a way to preemptively opt out of the expiry bot - we send our own emails. The FQDN sets in shared hosting tend to change often and the expiry bot would more often than not report false positives. Due to our execution environment, it’s one account per user.

Thanks for raising that point. If you provide a contact address for your ACME account and unsubscribe from the expiration warning email, your email address will still be in our database/logs, which means it’s still accessible for one-off communications. However, I suspect that with the tooling we use for cases like the TLS-SNI-01 deprecation, the messages will get dropped by our 3rd-party email solution. That’s the layer that handles the expiration unsubscribes. Something to think about if we ever decide to replace the 3rd party.
