Hi security-knowledgeable people. I have a problem understanding the bigger security model behind Let’s Encrypt.
From what I understand SSL and certificates give us mainly two things:
(1) Encrypting the communication between client and server, so that a third party cannot read the communication.
(2) The client can verify the server’s identity.
By itself (1) is not enough, because a client can be fooled into talking with a malicious server, and then having the communication encrypted doesn’t really help.
Let’s Encrypt allows me to automatically obtain a certificate for my webserver at the domain www dot example dot com, assuming that I have control over the contents of the website at www dot example dot com (this is checked by the Let’s Encrypt HTTP challenges). By this model, having control over the contents of www dot example dot com, I prove my identity as the owner of www dot example dot com.
My question is this: Why don’t we take a shortcut and let me self-sign my certificate of www dot example dot com? The usage of SSL with a self-signed certificate fulfils condition (1) from above. Condition (2) is fulfilled implicitly because I have control over the contents of www dot example dot com.
I can formulate my question in the form of an attack. Assume that I publish my website at www dot mywebsite dot com. Also assume that some big government agency (call it ASN) wants to show users something else when they visit my website.
ASN, being a large government agency, can pass the Let’s Encrypt HTTP challenge (using a man in the middle attack for the HTTP protocol), and then obtain automatically a certificate for www dot mywebsite dot com. Using this certificate they could fool users into seeing a different www dot mywebsite dot com, which breaks the SSL security promise.
I think that having a self-signed certificate gives us a similar security setting to using the Let’s Encrypt model, with the additional advantage of not being dependent on the Let’s Encrypt central authority for creating certificates, and without having to automatically generate a certificate every 3 months.
I am pretty sure I am missing something here. Please tell me what you think.
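
The HTTP challenge mentioned in the post, sketched as an added example that is not part of the original post: it follows the ACME HTTP-01 check (RFC 8555) with the RFC 7638 key thumbprint, and shows that the value served over plain HTTP must be bound to the requesting account's key, not just echo the token. The domain, token and JWK values are constructed samples, and the function names are this example's own.

```python
import base64
import hashlib
import hmac
import json

# RFC 7638: only these members, in lexicographic order, enter the thumbprint.
REQUIRED = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}

# Constructed sample values (not real keys, tokens or domains).
DOMAIN = "www.example.com"
TOKEN = "constructed-token-0001"
OWNER_JWK = {"kty": "EC", "crv": "P-256",
             "x": "constructed-x-owner", "y": "constructed-y-owner"}
OTHER_JWK = {"kty": "EC", "crv": "P-256",
             "x": "constructed-x-other", "y": "constructed-y-other"}


def b64url(data: bytes) -> str:
    """Unpadded base64url, as used throughout ACME."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def jwk_thumbprint(jwk: dict) -> str:
    """SHA-256 over the canonical JSON of the key's required members."""
    members = {name: jwk[name] for name in REQUIRED[jwk["kty"]]}
    canonical = json.dumps(members, sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())


def key_authorization(token: str, account_jwk: dict) -> str:
    """The string the applicant must publish: token '.' account-key thumbprint."""
    return f"{token}.{jwk_thumbprint(account_jwk)}"


def challenge_url(domain: str, token: str) -> str:
    """Where the CA looks: plain HTTP, well-known path, named by the token."""
    return f"http://{domain}/.well-known/acme-challenge/{token}"


def ca_accepts(body: bytes, token: str, account_jwk: dict) -> bool:
    """CA-side comparison; trailing whitespace in the response is ignored."""
    expected = key_authorization(token, account_jwk).encode("ascii")
    return hmac.compare_digest(body.rstrip(), expected)


if __name__ == "__main__":
    served = key_authorization(TOKEN, OWNER_JWK).encode("ascii") + b"\n"
    print(challenge_url(DOMAIN, TOKEN))
    print("owner's value accepted:", ca_accepts(served, TOKEN, OWNER_JWK))
    print("bare token accepted:", ca_accepts(TOKEN.encode(), TOKEN, OWNER_JWK))
```
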