dathinab 5 hours ago

the idea behind expiration is:

- TLS certificates do leak, not just due to worst case bugs like Heartbleed

- revocation does not work well in practice

- affected operators aren't always aware if a certificate leaked

so by having expiration (and in recent years increasingly short validity duration) you reduce the consequences of a leak, potentially to nothing if the attacker only gets their hands on the cert after it expired

this also has the unintended consequence that a long-expired certificate leaking isn't seen as a security issue, nor will you revoke it (it's already invalid).

But if you visit a site with an expired certificate you have the problem that you only know it had been valid in the past. You don't know if it was leaked after it became invalid or similar. I.e. you can't reasonably differentiate anymore between "forgotten to renew" and a MITM attack. At which point it's worth pointing out that MITM attacks aren't just about reading secrets you send, but can also inject malicious JS. And browser sandbox vulnerabilities might be rare but do exist.

A more extreme case of this dynamic is OIDC/OAuth access tokens. Which are far more prone to leak than certs, but in turn are only valid for a short time (max 5min) and due to that normally don't have a revocation system. (Things are different for the refresh token you use to get the access token, but the refresh token also is only ever sent to the auth server which makes handling that way easier.)

OrvalWintermute an hour ago

Revocation works great in theory, and in theory & practice particularly in DOD.

The problem is a ton of certificate authorities consciously chose not to produce validation data previously, created insecure CAs, chose not to cache validation data, had knee jerk reactions to potential exposures, and many industries chose not to invest in technical capability to make revocation data available, performant, resilient, failing-over, failing gracefully, etc.

MITM is now the default for half the enterprise security solutions operating with cert to website “suspected good whitelists” which makes new domains on HN nigh unreadable