Warrant Canary as LE is US based

zaggynl · May 14, 2019, 8:03pm

Does Letsencrypt have a warrant canary?

I’m no lawyer but Letsencrypt being US based I’d guess it is susceptible to the US gov walking in with a demand for the keys and giving Letsencrypt a gag order at the same time.
Like what happened with Lavabit: https://en.wikipedia.org/wiki/Lavabit#Suspension_and_gag_order

Especially as Letsencrypt is being sponsored by Cisco, Facebook and Google, companies who worked with the NSA per: https://upload.wikimedia.org/wikipedia/commons/f/f3/PRISM_Collection_Details.jpg
https://en.wikipedia.org/wiki/PRISM_(surveillance_program).

Doesn’t this make using a home server useless?

_az · May 14, 2019, 8:21pm

Your browser trusts dozens of certificate authorities. Any single one of them could issue a valid certificate for your website.

You are already protected, because browsers now require SCTs to be embedded in all trusted certificates, as part of certificate transparency. Read this: https://www.certificate-transparency.org/how-ct-works . This is a much stronger, cryptographically-based protection, unlike a warrant canary, which nobody knows how to interpret anyway, most of the time.

If the US government wants to start using Let’s Encrypt’s CA keys to create unauthorized certificates for all your domains, the certificates would still need to show up in certificate transparency logs. That means, you can catch them in the act by using something like https://sslmate.com/certspotter/ . What’s more, this protects you from the compromise of all CAs, not just Let’s Encrypt.

JuergenAuer · May 14, 2019, 8:26pm

Hi @zaggynl

a certificate uses a public / private key pair.

An ACME-client creates the key pair local and uploads only the public key to Letsencrypt, then a signed public key is returned.

So Letsencrypt can't know your private key.

So it's generally impossible.

But it's possible that your server is comprimised and your local private key is stolen. That's always possible.

schoen · May 14, 2019, 8:44pm

Please take a look at the ISRG legal transparency reports:

These publicly describe the amount and kind of legal process that ISRG is presented with by governments.

(@_az’s and @JuergenAuer’s answers are also helpful—all Let’s Encrypt-issued certificates are publicly disclosed in a place outside of ISRG’s control, and Let’s Encrypt never knows subscribers’ private keys.)

zaggynl · May 14, 2019, 8:56pm

Thanks all, I have some reading to do

tdelmas · May 14, 2019, 10:13pm

As @schoen said, they publish transparency reports on their Policy and Legal Repository : Policy and Legal Repository - Let's Encrypt.

According to ISRG Legal Transparency Report, January 2015 - June 2015 - Let's Encrypt :

we will be publishing reports twice annually. [...] reports will be published three months

Until now they have respected that pledge.

Also related: Does Let's Encrypt have a Warrant Canary? · Issue #94 · letsencrypt/boulder · GitHub

josh · May 15, 2019, 2:45am

I’ll just note that I sometimes upload the reports early if all matters from the reporting period are resolved and I have the time.

system · June 14, 2019, 2:45am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.