Warrant Canary as LE is US based

#1

Does Letsencrypt have a warrant canary?

I’m no lawyer but Letsencrypt being US based I’d guess it is susceptible to the US gov walking in with a demand for the keys and giving Letsencrypt a gag order at the same time.
Like what happened with Lavabit: https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_order

Especially as Letsencrypt is being sponsored by Cisco, Facebook and Google, companies who worked with the NSA per: https://upload.wikimedia.org/wikipedia/commons/f/f3/PRISM_Collection_Details.jpg
https://en.wikipedia.org/wiki/PRISM_(surveillance_program).

Doesn’t this make using a home server useless?

#2

Your browser trusts dozens of certificate authorities. Any single one of them could issue a valid certificate for your website.

You are already protected, because browsers now require SCTs to be embedded in all trusted certificates, as part of certificate transparency. Read this: https://www.certificate-transparency.org/how-ct-works . This is a much stronger, cryptographically-based protection, unlike a warrant canary, which nobody knows how to interpret anyway, most of the time.

If the US government wants to start using Let’s Encrypt’s CA keys to create unauthorized certificates for all your domains, the certificates would still need to show up in certificate transparency logs. That means, you can catch them in the act by using something like https://sslmate.com/certspotter/ . What’s more, this protects you from the compromise of all CAs, not just Let’s Encrypt.

4 Likes
#3

Hi @zaggynl

A certificate uses a public / private key pair.

An ACME client creates the key pair locally and uploads only the public key to Letsencrypt, then a signed public key is returned.

So Letsencrypt can’t know your private key.

So it’s generally impossible.

But it’s possible that your server is compromised and your local private key is stolen. That’s always possible.

2 Likes
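
Added example, not part of the original thread and not Let's Encrypt or Cert Spotter code: replies #2 and #3 together imply a simple check, since the key pair is generated locally, any logged certificate for your names that carries a public key you never generated is one to investigate. The entry layout, field names, issuer labels and key bytes below are constructed for illustration; a real monitor would extract the DNS names and SubjectPublicKeyInfo from certificates found in CT logs.

```python
import hashlib

def spki_pin(spki_der: bytes) -> str:
    """SHA-256 over a certificate's SubjectPublicKeyInfo bytes."""
    return hashlib.sha256(spki_der).hexdigest()

def covers(logged_name: str, my_domain: str) -> bool:
    """True if a logged DNS name (possibly a wildcard) falls under my_domain."""
    name = logged_name.lower().rstrip(".")
    if name.startswith("*."):
        name = name[2:]
    return name == my_domain or name.endswith("." + my_domain)

def audit(entries, my_domains, my_pins):
    """Return logged certificates for my domains whose key I did not generate."""
    findings = []
    for entry in entries:
        hit = sorted({n for n in entry["dns_names"]
                      for d in my_domains if covers(n, d)})
        if hit and spki_pin(entry["spki_der"]) not in my_pins:
            findings.append({"serial": entry["serial"],
                             "issuer": entry["issuer"], "names": hit})
    return findings

# Constructed stand-ins for DER-encoded public keys (not real key material).
MY_KEY = b"constructed-spki-generated-on-my-server"
OTHER_KEY = b"constructed-spki-i-never-generated"

# Constructed CT log entries (hypothetical schema).
ENTRIES = [
    {"serial": "01", "issuer": "Example CA 1", "dns_names": ["home.example.org"],
     "spki_der": MY_KEY},       # my own renewal: key matches my inventory
    {"serial": "02", "issuer": "Example CA 2", "dns_names": ["*.example.org"],
     "spki_der": OTHER_KEY},    # wildcard over my domain, unknown key
    {"serial": "03", "issuer": "Example CA 2", "dns_names": ["notexample.org"],
     "spki_der": OTHER_KEY},    # similar-looking name, but not my domain
    {"serial": "04", "issuer": "Example CA 1", "dns_names": ["Mail.Example.ORG."],
     "spki_der": OTHER_KEY},    # case and trailing dot must not hide a match
]

FINDINGS = audit(ENTRIES, {"example.org"}, {spki_pin(MY_KEY)})

if __name__ == "__main__":
    for f in FINDINGS:
        print(f"unexpected key: serial={f['serial']} "
              f"issuer={f['issuer']} names={f['names']}")
```
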
#4

Please take a look at the ISRG legal transparency reports:

These publicly describe the amount and kind of legal process that ISRG is presented with by governments.

(@_az’s and @JuergenAuer’s answers are also helpful—all Let’s Encrypt-issued certificates are publicly disclosed in a place outside of ISRG’s control, and Let’s Encrypt never knows subscribers’ private keys.)

4 Likes
#5

Thanks all, I have some reading to do :)

#6

As @schoen said, they publish transparency reports on their Policy and Legal Repository: https://letsencrypt.org/repository/#isrg-legal-transparency-reports.

According to https://letsencrypt.org/2015/07/01/legal-transparency-report.html:

we will be publishing reports twice annually. […] reports will be published three months

Until now they have respected that pledge.

Also related: https://github.com/letsencrypt/boulder/issues/94

#7

I’ll just note that I sometimes upload the reports early if all matters from the reporting period are resolved and I have the time.