 Okay, hello everyone Hi, I am Erica. This is sirpott and let's encrypt office hours Unless you're just sitting here because it's a nice shady spot in which case welcome anyway I had in mind that this would be pretty free for him if anyone has questions Maybe just to get a show of hands who came to this like hoping just to kind of hear what other people had to say Without like specific questions in mind. Maybe maybe uh-huh. Uh-huh. Okay, cool Who had individual questions about their use of like oh man? I want to use sirpott for this but will it work for that or I need to use let's encrypt But I'm getting rate-limited stuff like that who had who had questions like that Okay, who had general questions about the way that sirpott or let's encrypt work But they think might be interesting to a larger audience Who didn't raise their hand Okay, interesting. Maybe I should continue asking who didn't raise their hand to the who didn't raise their hand because I think there's Still more of those but anyway Okay, I've got a mic here I Have a mic here for your questions because otherwise we can sit here and stare at each other So, okay, who has a question about sirpott and let's encrypt Who came here to learn what sirpott and let's encrypt are Okay Well, this is this is your hour. Um, I actually was recently informed that this might be not a universal thing Office Hours is like a university term. It means that like generally the professor or grad student will sit in a room And people will bring their questions So that's what this is if you didn't realize that sorry Yes, Mike Maybe it's not directly related to sirpott, but for using DNS challenges I Would not like to make my domain for dynamically updating And the question is is there another hook or trick to use DNS challenge Without make the entire domain possibly for DNS update If you want to use this. Yeah, go ahead. We have a helper here who also works on sirpott Do you want to yeah Like a server yeah, I'll just see how He wrote a thing to help you do this So, okay, so it's Subdelegate DNS The problem actually is Pretty easy to solve you are able to well, let's encrypt follow C names So all you have to do pretty much is to point to C name from Like the magic subdomain underscore akmei-challenge.youractualdomain.tld to whatever domain domain you wish and You can use a throwaway domain for the actual validation So your whole DNS zone doesn't get compromised. So you create your domain dot throwaway domain.tld C name and Actually updates TXT record to that one But this one I Will show you There's actual recorded Video How it actually works? I Wonder if you can see can you see it like is it large enough? and smaller Where is the yeah, okay too small So let's go back anyway, okay, I'll explain it's You have like a one-time task that's manual you create the C name record to your actual domain like you want to you want to have a certificate for a your domain.tld you create the C name from underscore akmei-challenge.yourdomain.tld that points to whatever Yeah, yeah, and the another domain is the one you can like update the TXT record to and the CA will follow the C name and Use the TXT value from the throwaway domain in a sense but what the Akmei DNS does it's It actually It has an HTTP API That you will be able to use to update the TXT records So it's pretty much just a DNS server with an API, right? But the API only allows updating of TXT records So the so the worst case scenario If your box gets compromised is the same with pretty much every compromised box In regard of certificates So the attacker will be able to get to get your get certificate for your domain But that it limits to that and All the credentials to the API they are randomly generated and You're able to pretty much use the one instance for a lot of large amount of Different domains and create a lot of API keys and use that so it's basically a sub delegate domain Server I'll see if there's something else. Yeah. Yeah. Yeah. Yeah So, yeah That's that answer to your question There's a lot lots. Yeah. Yeah, there's a lot lot in that one, but yeah Yeah Thanks Also Peter has just arrived who was around when it was founded So if you have more questions about that as well, those are also on the board I am a guess I should have said I am a developer on cert bot and you just got Answered questions by another sir bot developer So definitely here for those. Yeah. Yeah, thank you. I just attended your usability talk and As a developer and system administration The best part is having certificates at the worst part was the user interface Well first is to do thing to automatically update stuff. I can't use that on my servers and But lots of things changed or better. There are other clients and that works But what I'm still wondering is I get Or Two things one. I didn't have to supply an email address when I created the account So I don't get messages and to I'm getting lots and lots of emails that my Difficulties are about to expire, but when I actually check them It's not I don't know about the second one, but you don't actually technically need an email to sign up There we have a flag register unsafely without email There's reasons that we might want that email there as for So, what do you consider about to expire? well Can you repeat the we send them like weeks in advance so that people have time and remember Yes And Yeah, because I've more I've multiple servers hosting the same domain So I request them for multiple servers and I renewed them automatically every 60 days or something and I get those emails as well You renew them every 60 days and you're getting those emails. Yeah, okay. Yeah, and that's yeah that went down Thanks for reporting this bug. Other bug reports are welcome All right. I'll do that next time I get one of those emails. I'll Follow up with an actual buck report Thanks From what I know the certificates expires after 90 days Okay, do you see statistics that a lot of people try it get a certificate maybe install it on some server and then forget to To renew to renew it because then there are a lot of websites will be like with the warning and The users behavior will change that yeah, I Don't have a number. The thing I will say that we've been doing which is At least for certified users, of course, let's encrypt is bigger than the certified user base is just trying to make for the default case Automatic renewal be the default So if we can figure out how to automatically renew your civic it for you We'll ask you. Hey, do you want to do it run a cron job to automatically renew this and if you say yes We'll just do it for you because if people are running around or like Doing homework every time their certificates need to be renewed. We haven't done things right? We're living in the wrong universe. We want to live in a world where once you enable TLS It stays enabled and doesn't fall over because no one's looking at the box So for us the settling on three months was was partly about saying we know we need to automate this If we pick a year, we're just pushing off like putting off the time when we like figure out how to do automation correctly And maybe for the first six to twelve months that we launched the project the tools we were providing We're not as polished as they needed to be for that. I think they've gotten much better And so now if you run Sir but through Debbie and or a bunch here in order and use for you We're about to ship that for Sir but auto users as well Do you have any plans for like a pass like for example for the big players like Asia or Amazon So where you have just a platform as a server where you have a website you don't have Access to so much. It's already happened like most of those platforms The ones where it makes sense have already integrated with us. So our WordPress a Square space If you're a large hosting provider and you weren't doing TLS before Most of those people have turned around and started using what's encrypt automatically or making it an option for their customers. I Try to to have a look at how to install it and it's like There are some integrations with the with Asia, but it's like Complicated and I really wonder if after three months. I don't forget about it Yeah, I think Amazon if I remember correctly uses their own Certificates like they'll they have a platform as a service certificate provider, but they're not going through let's encrypt They're just doing it themselves Which I might not be super surprised to see as you're doing rather than the let's encrypt integration Yeah, the lots of people who host on ec2 of course use let's encrypt because with ec2 You're not getting like you're not getting a fully managed service You're just getting a box with a shell on it and so for for that portion of Amazon's user base Lots of them are using us but s3 is right for s3 Amazon launched its own CA at about the same time as let's encrypt We we talked to them a little bit during the launch process and we're like, oh, you're trying to do this We're trying to do this. Okay, like We're kind of we have the same objective which is encrypting the web and we were working on it together Thank you Things you always wanted to know. Thank you. I'm also a developer and Working with several environments like Ruben rails and elixir for example, so they are Not directly known I would say to web servers like engine X or Apache and so there is no real automatic configuration possible and I fully understand that But I think it would be a chance to get more people like me I'm using let's encrypt for years Meanwhile, so I'm happy with it, but I think it would be a possibility to get more people on board by providing more detailed documentation on doing maybe not automatic Installation but more like hands-on with special configuration needs Have you looked into either our hooks or our plug-in system to be honestly the Initial installation worked fine and then when I tried to renew I got the error message that I wouldn't be allowed to do so because I was would be lacking sufficient privileges which in Direct translation isn't true because I'm the root of this server so I was a bit surprised and then I just googled for for the for the reason and With a combination of the application server that I'm using and somebody else pointed me that you just have to configure the proper Public directory and then the let's encrypt automatic bot knows where to put the certificate and then everything works out nicely So it was just putting one line of configuration in in the let's Configure now everything works fine and and to find these little nuggets. That's the challenge for me So there were permissions on some directory that were that needed to be changed. No Let's encrypt third bot didn't know about where to put the certificate to because it's not the standard path. It's not the standard path for engine X but The passenger application server has a different Logics regarding public paths and Obviously, let's encrypt third bot didn't know how to Interpret the configuration file of the virtual host Mm-hmm So if I'm understanding correctly, you wanted sir bot to put the certificate that it gets in a particular spot Right. That's solved it so that now update is handled completely automatically. Nice. Yeah, and then pointed directly to that file there Right. Yeah. So the way we have it there is everything is sim linked So we have the actual files kept in an archive directory and then the live active certificate just points to the other ones Sorry, I wasn't clear the problem was not the location of the certificate, but this Proof, I don't know. What's the chain acme challenge? Yes, right. That's one. That's one Which which of those was it the web the challenge file the challenge file. Oh, oh Interesting it was not in a public directory regarding that application servers So obviously it couldn't find it and so it thought it I don't have permission to To manage the application server couldn't access the file The application server wouldn't serve that file because it was in a different location than it was with the application running as route The application was not running as route. Yeah Yeah, we've had a lot of bugs with Some version of that that character, you know people needed to set some permission in their web server to make The web root accessible if they're using the web root plugin because we have multiple different plugins Eric has written this engine X plug-in which you can now use so then you don't need to put a file in in any directory It'll go straight to your engine X configuration and modify that so but it illustrates the complexity of the task That's that what it's trying to do which is like, okay You need you're running on some web server and there are like 10,000 different ways that web servers can be configured and And with application servers behind these web servers then interfering with the web servers exactly So what we provide is a very flexible toolkit That let gives you you know usually five different ways to provide the proof successfully and get a certificate at the end But it's hard to guarantee for every use case that there's a magic thing that will work for everyone Right all we do is provide, you know five different kinds of magic You've got to try them or Google the error message you get and figure okay like in my case I needed to do X so it sounds like what would have been useful at the time when you were figuring this out was an Explanation of what sir bot was doing and where it was putting all these different files and what what it was trying to do Is that right? Yeah, maybe you kind of an exotic Configurations page where we also people can contribute what they have found out because I assume Yet that you can't even imagine what could happen because there are so many different kinds of using a page So it sounds like you eventually found out what you had to do. How did you find that information by googling it? Different person figured it out. It was just adding the line of the web route and that fixed it Yeah, it's a one liner in the end and It I can share that with my community and my bubble. That's quite easy But obviously I couldn't make this information accessible to other people who using the same web service If I could provide these kinds of information to the third-party documentation, maybe that could help Well, we definitely would love any pull requests to the documentation It's all on github and we in fact are recently We've had a bunch of updates to our documentation from an outside contributor who's been very helpful at explaining at least some of those things Yeah, I don't think we currently have a section for exotic configurations But hey if you want to create it it's open source. That's for right Yeah, for now, I think we mostly use the community forum for that But we'd love to have more documentation about how to do it for a particular web server That'd be great if you want to contribute that back didn't even you about that form for example. Okay. Thank you. Yeah, thanks And thanks for providing the certificates. It's awesome Okay, if you just came in we are doing sir bot and let's encrypt office hours where you bring your questions about House or bot works for you house or buck and work for you better if you have suggestions as well We'll take those also anything you always want to know our deepest dark. It's secrets People developers favorite color What Peter eats for breakfast anything is a game I'm volunteering Peter about the breakfast thing that might not be accurate anyone anyone questions questions Yeah, I guess this is the question share So I think with the what's let's encrypt is doing is great. I use it for all my certificates now. It's so easy Um, and it's I think isn't a wonderful that's in for encryption on the web already But it's still right now creating for people who need a lot of you guys are I made away or don't want to spend Lots of money in certificates. There's still only one CA let's encrypt that does this and there's been lots of talk about another See I can use the acne percals open source of that Um I'm curious from your point of view since you'd probably know more than all of us here because you're more involved Is there any actual interest or other CAs or another organization trying to take up the same thing to add basically? Try to become a competitor of you guys not that you need to compete because it's a free service But I feel like one day maybe say let's encrypt goes down Worst-case scenario, but then now there's there's there's a giant vacuum versus having a backup plan Yeah, no, that's we that's something I think we all agree with also like it's not a company Petition it's not like we're trying to get the most active users We all think it'd be great someone else wants to come in step up. It's just it is, you know an organization It takes time it takes resources to do things like this If you happen to work for an organization that wants to run their own version of one of these that would Obviously be welcome We've seen some CAs using if not ACME then ACME like things, but that's more for like meant for corporate internal Certificate things that they're selling as a software as a service We haven't really seen anyone else interested in doing the completely open to the public get your certificate here thing Except I think as we mentioned before Maybe Peter mentioned Amazon does something similar, but only for their customers just having something that's completely open Which even having it for specific services isn't the worst case as long as what we see is having Automated or even automatic built-in certificates For a way that people can do things is something that I think let's encrypt has helped push That there wasn't as much of an impetus for it before having literally another let's encrypt is probably nice But even just seeing people do roll their own versions of it for their own software is already a win Okay, I asked the follow-up to my question. I was what um in creating lots encrypt and Getting trusted by all the major browsers. What was probably the largest hurdle that if another company was take on that challenge? Like you just said they would encounter So there are two I mean one is It turns out that you don't need to get trusted by the the major browsers. That's Strangely irrelevant What you need is to find an existing certificate authority that will cross-sign your certificate and you need to pass an audit and Those are both quite a lot of work, you know, you need to either like Buy charm or or payment persuade a CA to do this and then you need To do a lot of paperwork and a lot of like security through bureaucracy to pass the audit and then you need the operational sophistication to run a service at scale That's doing security critical stuff and that that's almost completely orthogonal to the bureaucracy piece, right? You know, you have to do real computer security and then like bureaucratic computer security and the cost of doing that, you know, I think ISRG which is the organization that is the home for let's encrypt though Like lots of the development still happens at EFF and a little bit still at Mozilla That organization now has a budget in the range of one to two million dollars a year And so that gives you an indication of like the ongoing Expense for doing this and maybe you could do it a little bit more cheaply Especially if you weren't starting at this, you know at this point we actually have serious scaling costs with let's encrypt But the question is who is gonna show up and and stake roughly that amount of money on a new project To do something that's already happening and the answer might be like there's not that much incentive to do it So we would I think really like to better be another CA especially another CA that that like has an open API Ideally speaking acne, but maybe you know speaking something else, whatever it is like that would be great it'd be better for the internet to To have something as a fallback in case we fall apart for some reason Yeah, and I think it would be easier to get that number down because well it depends how you do it So Boulder the implement the implementation of the let's encrypt back end is open source So it's much easier just to jump in and use that It might perhaps be more ideal to create a completely separate second implementation That way bugs in one aren't also in the other But even if a separate organization literally just wanted to run that software and they already have Secure servers that they can use that already takes you a lot of the way there because you could share some of that effort And still get the benefits probably the most likely place to look for this is the existing other CA's right Like it's a lot of work to become a CA for the first time, but Amazon's a CA Google's a CA There are the CA's who used to sell certificate or still sell certificates to everyone Maybe one of those organizations is the best place for us to look for a second free service Thank you. Thanks for asking the questions Microphone offered free of charge. So let's encrypt this practically Making an existing process available to a larger Population let's say where do you see it going? I mean as a project and as a let's say industry The certificate authority Going um Like what's the end game? So we're not We recently passed recently. I guess it's been a few months now past the 50% mark of web traffic being encrypted Which was a big milestone, but that's halfway there I was recently looking at some projections from like 2014 2015 that were like, oh, yeah by 2016 80% of the internet is going to be encrypted. We're not there yet. There is a long tail. There's a lot of sites problems to fix like the I mean a lot of the traffic goes through a few small players But the rest of the traffic still needs to be encrypted There's still a while to go and we're writing off a lot of that in chunks more and more certificates are being Served but I think finishing up that process like what's the old saying like 90% of the work takes 10% of the time and vice versa, right? So there's still a long way to go there. I think is the foreseeable future and continuing to make it Easier for people to use their certificates and all the different use cases that people might need So like different ways of authentication, for example, like having the DNS challenges versus HTTP and Getting that down. It's currently being standardized in IETF So there and there's even a process for having new ways of proving that you own a domain So that'll get more people on also, but I think getting to that hundred or near hundred percent of traffic there's no reason I think we believe that there's no reason that The traffic needs to be unencrypted at this point and getting to that place is the goal Yeah, so that's Eric is totally right. They're actually an amazing amount of work still left to be done for encrypting the internet Another project that we're going to be working on in the next year is mail servers So getting let's encrypt to auto deploy to mail servers and then saying that that's comparatively easy The hard piece is no mail server on the internet is currently configured to check certificates And so what we're going to try and do there is say, okay, wait a minute if I'm delivering to a random mail server Okay, I'm not going to necessarily expect encryption or check a certificate but if I'm delivering to a mail server that has marked itself as Committed to a secure deployment. I'm now going to check the certificate and fail Or at least alert very loudly if I don't get a valid start TLS connection So we're trying to close that authentication gap in email delivery That's one objective a second objective is at the moment if you can compromise routers or BGP or DNS You can steal a let's encrypt certificate, right because our validation methods are TCP Which is the same as the previous CAs But we'd like to offer a way of ratcheting that up once you've got a let's encrypt certificate There should be a way of saying now that I have this TCP is no longer good enough. You now need crypto to get the next certificate and the problem with that is You need really good failure recovery modes when someone does this they install let's encrypt or insert bot on a box They get a certificate they pull up the ladder after them and only they say only pure crypto now And then they accidentally delete that virtual machine or the hard disk that they had on that server dies How do we make sure they haven't hosed themselves permanently because we turn on this feature for them So we have like engineering work to do on that front to figure out what the Security ratchet will look like and how to make it recoverable and still secure So those are examples of like the hard engineering problems that we see ahead for us to solve Yeah regarding the mailserver I'm running mailserver with other people together and We are refraining from using let's encrypt for the mailserver since we Want to make sure that the traffic so our threat model is more or less So small and activist mailserver so our threat model is state and state agencies So it's easy to To create whatever by state rhythm or other CAs Valid certificate so we are more in the model of pinning specific certificates of other trustworthy Service mailservas and so on so this would be hard to do with let's encrypt since due to the 90 days or less expiry date will be so we put some automation automation into this model, but it's What do you currently do when your certificates expire? No currently The other mailserver that we communicate with and that we want to have a reliable communication We are via their certificates and not just random valid certificates, but their certificates then we Define their certificate Names and so on and we have some exchange pool of some git repositories that we share and sign and so on those Not so great process, but it's it's paranoid and it works so using git as your protocol for this basically But it's bad. Yeah SSH and you sign your git commits We actually thought about trying to use git for this and I think probably that's not how it'll happen in the end, but You know you need a place that it's a little bit like the preload list for browsers that says for this domain always expect TLS for email and then secondly always check a certificate and then thirdly maybe Pin a certificate right and which doesn't have to be CA signed right you or pin the private key So then if you're using let's encrypt and set bot you can make a new certificate every 90 days But keep reusing the private key and so you have a pinning thing through one path and then a certificate through another but the certificate Updates and the key stays the same So this pinning of the private key would be a solution. I'm not in that depth in the so is this available for postfix or something Well, this is something we're working on at the moment. Actually, you could totally do it So it wouldn't be a postflip pics postfix plug-in yet. What you would do is you would use Cert bot to get the certificate and then you use a hook to install it in postfix Copy it to your postfix configuration. I meant the key pinning the private key pinning I think we actually might have just I think there was a there was a pinning for Certificates I had this feeling This will solve the problem. I don't want to make a commitment about what you can put in that postfix config file Thank you But if you can maybe if you can't even can't put it in a postfix configuration file But you do a separate check outside of that to check that the key is the same Like I don't know whether or not postfix can do this But if you can have a mechanism for pinning the key, like that's you could do that externally is what I'm saying We'd also maybe love to work with your project because you're trying to you're essentially built a smaller version of what we want To build into cert bot and maybe done it slightly differently But it's a it's the same use case and we just want to scale it to the whole internet But the threat model is somehow different. So we are thinking about the state adversary and you are thinking about Not in crypto traffic and users trusting in somehow authorized good traffic in the long run We in the long run we want to protect against state adversaries as well so at the moment we don't of course because the state adversaries have their own certificate authorities, but There's a protocol called CAA that you can use to Announce over DNS which certificate authorities can sign for you so you can use that to lock down which CAs Can issue for you and you could do that in combination with the thing I just said we're working on which is a way of saying with let's encrypt at some point You can say only cryptographic proof of control of domain So once you get a let's encrypt certificate, you keep chaining to your past keys for authentication and and then the combination of CAA plus now let's encrypt won't be vulnerable to TCP based attacks Then we'd be potentially hardened against the state adversary for authentication. I mean, it's it's a couple of pieces But I think we also want to be compatible with people who have the use case you're describing We'd want if we're making an announcement protocol that allows people to announce security policy for their mail servers You know one policy you can announce is always to start TLS a second policy you can announce is Check my certificate using the public trust CAA stuff. A third policy is This exact pin key or this exact pin certificate And so we probably want to support the type of pinning you're doing in addition to the other kinds that we we do by default Thank you Hi I'm not quite sure but isn't that DNS second day can be useful for that Yes, sir in theory, sir, so it's not just The question was can you not just use DNS second day for the same purpose now The issue there is that one deployment of those protocols is so Limited DNS second is getting some deployment. Dane Has basically not been deployed and so you can't get clients that speak it and then the the second problem is it doesn't really protect you against state adversaries it sort of Changes the state adversaries a little bit. It's basically whoever's above you in the DNS hierarchy can attack you other people can't So it's better, but it doesn't totally protect against it. So so yes, I think People have talked about Dane as a solution to this problem for a long time and it hasn't happened yet Why you did choose Python to implement third-party not see or JavaScript or whatever is out there So when we were making that call, I think we thought Python this is a great in fact, I think one of our Project members Noah Schwartz has given a whole talk at PyCon about what we liked and what we regretted about this choice But so giving this sort of 30-second summary of that Python is pretty flexible and has a lot of support for wrangling your operating system, right? It's a high-level language that protects you against large categories of Memory safety bugs and so forth that lets you change stuff in your OS the stuff that we've really found difficult about Python Its dependency management is not great. So working with PIP has been a source of continuous pain That's issue one issue two is it's open SSL bindings Really not good so Python, you know, we've used Python cryptography and Python cryptography the issue is not that it doesn't work it's that it it's fragile and In particular when there's a new version of open SSL it tends to break the CFFI bindings into Python open cryptography so That started maybe to get better because Python cryptography has started to ship its own bundled versions of open SSL and that means they have to Take every open SSL CVE and scramble when they get one and it means we'll have to take open SSL CVE's and scramble via Python cryptography, but it's probably worth it because now you have less probability that when you type import cryptography in Python your Interpreter explodes with a like a CFFI binding issue So I think those are the big pain points were like dependency management Which meant that especially early on people would get this worth worse install experience from us and and open SSL Support which of course caused people that to compile the bindings. It was a lot of pain of that sort In terms of other languages that we could have picked. I think the weird That's looking at so there's now an Acme client written in every language basically so you can actually compare to the other Acme clients that have wound up being our competitors basically to set but there are two. I think that are really interesting One's written in go and go has the advantage of better Dependency management. It's cleaner in that respect and great built-in crypto The big problem is it basically doesn't run on 32-bit systems So we couldn't give everyone a set box, you know a copy of set by go We didn't think the other one is of all languages bash so Acme.sh is a pretty good Acme client that's written in bash and of course That's the worst language imaginable to do software engineering in but the thing that they got by choosing bash was you have very few dependencies it just runs on almost every Unix system and they depend on I think like Netcat for their network communication and curl for you know fetching URLs and speaking to the web and Open SSL they shelter open SSL and people use it and it works and it doesn't Especially early on it was like you didn't need as much stuff on your box You didn't need a bunch of Python libraries. So I think those were the two other languages we could have picked and the reasons for not picking them were probably Reasonable but came with other prices And we would never have thought of picking bash like it was very unintuitive that that was actually a great choice Sorry for this question was asked before I came Does anyone vendor of Internet of Things have reached you to do a collaboration about renewal certification on Internet of Things? Oh Yes, is the short answer we So the members of ISRG include Companies like Cisco who are like fund Like help fundblurts encrypt and they are definitely interested in IOT versions of this thing We also get questions about certificates for phone numbers And I think those things like sir So there are two separate projects the Serpa project that which is housed at EFF and then let's encrypt it ISRG And I think those questions are coming into let's encrypt and The answer thus far is yes We'll consider them once we feel like once let's encrypt feels like it's really on top of Certificate issuance at the scale that it needs to happen We'll turn around and think okay Can we issue like ten times more certificates to IOT devices that don't have public names like maybe in some other namespace? Of course in the meantime if your IOT device has a domain name you can use let's encrypt So it's more would we support a separate type of certificate for a much more expensive namespace Thanks, so my question is a bit related to that. I recently played a bit around with open WRT and building custom firmware images so that's basically a custom firmware for many home browsers and Usually the traffic to the router is unencrypted because by default that thing starts a web server Then you can log in start configuring your network settings Viper settings and so on and everything that goes to the router is unencrypted And I would like to change that to have it encrypted by default But that's a bit tricky because either you will access the device by the IP address which is 192.168.0.1 And you cannot issue a certificate for that or you would use something like a virtual name something like router.home This is for a local network, right or yes, I mean so if it's only for a local network Presumably you could run your own PKI right you don't have to go through something like let's encrypt You could use a self-signed certificate that you know the key of and just distribute between the devices on your own network Yes So I could of course do that and it's also already supported the problem is just when you flash that's a firmware image by default The connection is unencrypted and you can of course enable crypto with the self-signed certificate But then you still get browser warnings and it's getting harder and harder to click around those browser warnings so the best solution I could currently come up for is that I Parade a service somewhere on the internet like register a public domain name Let's name it my home router.org And every time such a firmware image is flashed the router contacts the my home router.org service registers a unique ID for itself like 12345.myhomerouter.org uses this public Domain name to get well post name to get Let's encrypt certificate and then because it also runs a DNS server say 12345.myhomerouter.org is 192.1 168.0.1 and then it could like out of the box serve its web configuration interface in encrypted manner and That is kind of Very weird hack and I wonder whether there is a better way how it could be done with Let's anchor up so that I could have like a firmware image for a router You just need to flash it and you assume that the router has internet access by DHCP or something like that when it's booted for the first time that by default the web interface would be encrypted It does sound like this is the same problem, right? You have this device without a domain name that you want a certificate for Kind of but now I have the advantage that this device is also running the local DNS server and You can do more tricks there Default gateway in the network. It's not like an IoT device. It's just on the network, but it's a default gateway So you have a little bit more power there You can serve a redirect to the synthetic domain name Yes, so that would happen that when somebody enters the IP address of that router it would establish an HTTP connection The router's web server would say redirect to HTTPS.routerid.myhomerouter.org And then it would serve the encrypted website when it's permanent redirect then by default everyone will Once access the router will probably book max the encrypted version of that configuration URL But it still sounds like a heck, but I don't know a better solution for that Yeah, can you I mean if you propose one we're open to it Certainly the best one I can propose I can also try to implement it, but it looks ugly The interesting thing about it is you have this trust on first use thing that you're trying to do right You have no canonical way of identifying that router, right? It's like a box that just looks like every other one that comes along from that manufacturer or from your home router project And then somehow you want to kind of once you've seen that very generic looking box You want to go from that to no, I know it's my home router I flashed like Eric's firmware onto it and so I know it's like the right thing and so You kind of get that with the unique domain name that your router picks from the service, right? It's like okay. It picked like slithy tov.homerouter.org or whatever and then that's now a Memorable thing and you get this property that if it picked that And then someone switches out your home router for a different one that looks exactly the same but has different key material on it Suddenly it won't be able to keep the name that it had previously So you at least get that the continuity property that you wanted from trust on first use It feels a little hackish to get there via the browser and so maybe the right way of asking this question is Are there features we would want Chrome or Firefox and company to ship that make it a little bit less painful To get a trust on first UC experience for certain types of domain names I'm sure that they're going to push back on us and say well anything you design for this purpose is going to get abused by Evil people with other purposes, but that maybe is the right place to think about it Is there a browser feature that's going to help with these use cases? Yes, like when you maybe say okay that everyone who uses a private IP address in the URL could get Easier next screen for the untrustworthy certificate. Yeah, probably add the certificate directly to the browser Without I mean sure, but I want to get around the next screen. I want to have something Like before you do that you would add it in settings Just import it directly into the certificate store and then you don't then you miss the page But it does the exact same thing sure, but what I want is basically somebody types in the IP address in the browser bar hits enter gets an encrypted connection without a warning, sir Ironically, we probably hurt this use case historically with the SSL observatory project We found all these certificates that were being issued back in like 2010 and earlier by CAs that were We're doing this and you know our co-author of that paper I think took the CAs to task for doing this He's like you you can't issue certificates for like 192.168.1.1 because it's failing It's like fundamentally not performing the authentic or authentication task that a certificate is supposed to perform and That's true and the fact that there were thousands of certificates for that domain name was was of course evidence for that Given to many different people But it may be also like a you know miss the point that you want opportunistic encryption for a use case like this Maybe now so I guess maybe you could try to propose a standard for opportunistic encryption to like shed domain names like mail like like like mail or local host or 192.168.1.1 and I think maybe that's the way to move forward with that It's like propose that spec and then again We have the problem of how to get browsers to accept it and they could render it with some like the crossed out HTTPS and say Yeah, okay It's opportunistic to that host name because we know there's no other way to do it That might actually not be the most far-reaching thing because like if you're using I don't remember if it's local host or what local host maps to but something in the browsers They don't Give you the warnings for the mixed content, right? If you're running whatever it is locally so like they do already make some sorts of exceptions Just might be expanding that exception class Is maybe an achievable goal, but you know, I don't speak for the browsers and to how likely they are to do that But they've done things in this category before of skipping warnings for particular use cases I must admit I haven't looked very recently but the last time I looked the Windows story wasn't completely Finished. Would you like to finish it for us? I'm not sure Maybe you can talk something about Yeah, we our Windows story is not completely finished the people who work like most of their time just don't have that Deep Windows expertise to just throw something together And we have like some possible Outside contributors who've said they might be able to do it But it's tough if they're not like people that we are with talking to all the time It's a thing that will maybe happen. We've had several people say that. Oh, yeah. Yeah, I could do that But we haven't seen it happen yet if you happen to have lots of Windows expertise and Want to do a port for us. We would love to see that Yeah, well the The third boat running in Python certainly doesn't help Actually, well, no, no, it doesn't help much. I mean it's interesting when we first launched let's encrypt We talked to Microsoft a little bit and the people we talked to at Microsoft said actually Python is fine for like for an official Microsoft product It would be a huge amount of work and we do it in native Windows land But for like a little like for a hacker-ish thing that runs on Windows Python is fine. We have Python on Windows Will even help you with this and then that team will end up just disappearing and not working with us and doing other things so in Theory they thought it the people at Microsoft thought Python was survivable On Windows. I honestly don't know enough about that like the reality of what pain you encounter. I'm sure there's some I think we'd certainly be interested in people who have an important need for this if you host a lot of stuff on Windows And you know other companies that do and what particularly if you want to like I mean You may have engineering talent to do this in-house or we just want to give a grant to ISRG or EFF to do it I think we'd be open to people who say yeah, we'll fund a developer and for a year and then we'll implement all of that stuff Uh-huh. Yeah. No, okay. Well, I don't have the difference right now Thanks. I mean, I will also try to fundraise for it. It's not something it's it's on our to-do list It's just there's a lot on our to-do list Yeah, no, I basically wanted to know where it was on your to-do list That's basically what my question was it might not be the worst thing to do a crowdfunding campaign for Just say okay, we need like to fund a developer for one to two years to make this happen. Okay. Here's the price like Let's ask the internet to do it if there are enough people who need it. It'll happen Okay, I was a bit late. So maybe this was asked already What is the reason that only So that I cannot that I have to have port 80 open for the standard challenge to be for the renew I saw let's say I don't have access to DNS so that I can set the DNS and With the standard challenge I have to have always I cannot do the renew on port for 43 It's I have to have 80 open. You should be able to using SNI using TLS SNI Do you know which authentication method you're using? Yeah, I've tried using with the third bot I've tried using TLS, but it didn't work. It just says that it's not possible You're probably using the web root plugin as an authenticator, which web server are you using? Oh, I Do that manually with the web servers. So I just use the standard plug-in without any I mean not the plug-in. I just use the standard without anything just use a raw certificate authentication Do you use sir pot cert only like what flags are you giving to the Command so you you're saying that it's possible. Okay, then I Know my guess is he what I think there's a real issue So what he's probably doing is running set but certainly with dash dash web root and then he's got a fight You've got a firewall or something the blocks possible. It is possible to do without having port 80 open Okay, that that was my question and another question because I have many servers behind firewall so I cannot Because I cannot use random ports for the challenge I cannot out the authenticate renew my Certificates on the different servers. So because I have the web ports are random ports that all Point to different servers behind my main router. So Erica. There is a real issue there So people who use the web root authenticator and just want to drop a file on this is on their file system to renew Need port 80 need a web server. That's answer answering on port 80 And the reason is so so acme has a bunch of different challenge types that it uses to prove control of a domain name And the ones that exist right now HTP oh one which means you fetch a URL and you you get a Let's encrypt season magic token on it port 80 or TLS SNI oh one where let's encrypt season magic certificate on port 443 Or DNS where you query a special domain name and you get a special value back on port 53 And maybe your question ultimately is why is there not an HTTPS or one challenge that where you see a special file Not a special certificate on port 443 Yes, and the the reason we didn't put that in the protocol was because we noticed this problem with web servers that were configured with a large number of domain names Maybe say a hundred domain names or something on port 80 and maybe five of those domain names on port 443 and the What you would expect commonly is if you go to port 443 for a domain That's not one of the five that are correctly configured It should give you an error of some sort But what the web servers would actually what Apache and nginx actually do is they serve Alphabetically the first domain as the default over TLS and so what that does is it creates a situation where? for the 95 people who don't have HTTPS yet the Five domains that already do one of them has the magic ability to get certificates for all the other domain names So on some shared Unix systems this would actually create Privilege escalation between one of the host domains to other host domains So I go I log on to some Unix server and I have I make a dot-com and I make it TLS and I get a certificate for it and now I can get a certificate for these other hundred random people who are hosted on the same Machine as me so for that reason we didn't allow HTTPS or one Into the protocol we might add it in the future But it would have to check the certificate So this would actually be I talked before about the mechanism once you've got a certificate from us You could keep using cryptography to To prove control of the domain for renewal so HTTPS So one wouldn't give you a certificate on day one when you first use less encrypt, but it would let you renew Yeah, that would be yeah, and so we're probably gonna implement this in the meantime Here are your options if you if you don't want to serve on port 80 Server redirect to 443 and then the existing challenge type will work for you So if you just like put a rule in your web server, okay, listen 80 redirect always 80 to 443 it'll work The challenge will accept the redirect The other options are use TLS SNI-01 the challenge type that supports 443 but for that you have to deploy a special certificate and so Maybe I can use so I can use engine X on the router with SNI and proxying the requests exactly And so we if you've got engine X running We recently shipped that we've shipped it for a while, but Erica has actually made it very reliable. So we now offer it To everyone by default basically You can use sir bot dash dash engine X and it'll walk over to your engine X configuration and configure TLS SNI-01 so it'll put in the certificate into the configuration file and then Take it out again once it's you know, so edits the config file puts in the certificate on it a test challenge domain Gets the certificate and then removes it. So if you're okay having that temporary change to your engine X file We can do that for you on 443. Thank you Hey, well, thank you all for coming. Thank you for asking questions. I hope you were interested by the answers