This is not related strictly to Let’s Encrypt, but TBH this idea came to my mind and I think this one is the proper community to share it.
What’s the real problem of self-signed certificates? It’s not that they don’t encrypt communications, but rather that you cannot trust that the site owner is who is signing it. Let’s Encrypt implements some protocols that verify that automatically and thus you can trust that who is serving your request is who claims he is.
However, imagine that we develop a protocol similar to SPF (for SMTP), based on this simple idea:
- You create a TXT record on `example.com`, and it contains some kind of clause that indicates the public key of the CA that is allowed to sign certificates for this domain. We can call it something like `ACA` (Allowed Certificate Authorities). It could look similar to `ACA V=1 S=0 PUBK=somelongpublickey` (`S` for subdomains (to know if the same policy applies to subdomains), and `PUBK` for public keys allowed to sign certificates here).
- The browser reaches your domain and gets a cert.
- The browser asks for your TXT records and gets the ACA record.
- The browser verifies the cert signature.
- The browser knows the connection is trusted.
This way, communications would be secure, encrypted, verified, and decentralized.
What do you think?
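
The policy-lookup step of the proposal above, as an added example that is not part of the original post: it parses the sketched `ACA` record and decides which keys may sign for a hostname, leaving the certificate signature check itself to a TLS library. The function names, the meaning of `S=1` (policy also covers subdomains), repeatable `PUBK` tags, the fail-closed handling of conflicting records, and the assumption that the TXT answers were already authenticated by the resolver are all assumptions, not details from the post.

```python
# Added illustration of the "ACA" TXT record sketched in the post.
# Everything marked "assumed" is not defined by the post itself.

def parse_aca(txt):
    """Parse 'ACA V=1 S=0 PUBK=...' into a dict; None if not a valid ACA record."""
    fields = txt.split()
    if not fields or fields[0] != "ACA":
        return None
    rec = {"V": None, "S": None, "PUBK": []}
    for field in fields[1:]:
        key, sep, value = field.partition("=")  # base64 '=' padding stays in value
        if not sep or not value or key not in rec:
            return None  # unknown or malformed tag: reject instead of guessing
        if key == "PUBK":
            rec["PUBK"].append(value)  # assumed: PUBK may repeat, one key per tag
        elif rec[key] is not None:
            return None  # duplicate V or S
        else:
            rec[key] = value
    if rec["V"] != "1" or rec["S"] not in ("0", "1") or not rec["PUBK"]:
        return None
    return rec

def allowed_keys(hostname, txt_by_name):
    """Return the PUBK values governing hostname, or None when no policy applies.

    txt_by_name maps a DNS name to its TXT strings (assumed to be answers the
    resolver has already authenticated). Assumed semantics: a record at the
    exact name always applies; a record at a parent applies only when S=1.
    """
    labels = hostname.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):  # stop before the bare TLD
        name = ".".join(labels[i:])
        recs = [r for r in map(parse_aca, txt_by_name.get(name, [])) if r]
        if len(recs) > 1:
            return []  # conflicting policies: fail closed, no key is allowed
        if recs and (i == 0 or recs[0]["S"] == "1"):
            return recs[0]["PUBK"]
    return None

def issuer_permitted(hostname, issuer_key, txt_by_name):
    """True only if a policy exists for hostname and it lists issuer_key."""
    keys = allowed_keys(hostname, txt_by_name)
    return keys is not None and issuer_key in keys

# Constructed sample zone data (placeholder key names, not real keys).
SAMPLE_TXT = {
    "example.com": ["v=spf1 -all", "ACA V=1 S=1 PUBK=KEYA"],
    "shop.example.com": ["ACA V=1 S=0 PUBK=KEYB"],
}
```
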