Awesome Conferences

SHA-1 Deprecation: Pro, Con, or Extend?

I read Ryan's article about why SHA-1 should be deprecated faster and why we should veto the proposed extensions. It is an excellent explanation of what's going on. I highly recommend it (and look forward to the complete series when he publishes it):

I feel like the cert provider's reply should be this:

Dear Ryan:

Screw you. You obviously don't understand the business we are in. We are in the business of PRINTING RANDOM NUMBERS AND SELLING THEM FOR UNGODLY HUGE SUMS. You're naive proposal may help the world, but how does that help us profit?

Here's an example, Ryan:


See? That was a random number. We just sold it to some duncehead that doesn't know the difference between a SHA-1 hash and a FQDN. For how much? A thousand dollars. That's right. ONE THOUSAND DOLLARS. We do that every few seconds and it (snoooooorts a big line of coke) feels so good!

Why did it cost $1,000? because we list the price as $48 but then upsold him on wildcards, EV (whatever the heck that is!?!) and a hella boat load of other things.

So let me tell you what we, the cert providers, think about your proposal to help the world or something:

Screw you. Screw you, the horse you rode in on, and your little dog Toto too!

Why? Because we're making money hand over fist and if you require us to change our code, we'll have to... well... pay a programmer to do that, test it, and verify it. That costs money. You know what "cost" is, Ryan? It's the opposite of me sitting in my executive office snorting coke.

So, yes, we've convinced Twitter and CloudFlare and others to do a lot of coding to work around our fucked up little system. Meanwhile, we will spend nothing. How perfect is that?

Yes, we could adopt SHA-256 for all certs and make the web safer but that would be something you'd do if we gave a shit. Yes, we'll adopt that awesome SHA-256 technology someday but ...and this is important Ryan... it won't be on 2016's budgets. Money spent today is a lot more expensive than money spent tomorrow. Why? Because there's a good chance I'll be out of here by then and it will be some other dipshit executive's problem.

Sure, in the meanwhile the NSA will crack the crypto and read everything people say on the internet. Do you think I care about that?

Sincerely, Every executive at every cert provider

P.S. Here... have a thousand dollar random number on us: 6.

Ok, I'm sure that's not exactly what the cert providers are thinking. I'm sure it is pretty close. I don't think they'd actually give away a free random number.

Posted by Tom Limoncelli in Funny


I don't mind the issuance being stopped, but rejecting them in Firefox 43 doesn't help anyone. I'd also like them to improve the UI there.

It'd be nice if i5 was possible to set a browser to trust specific (custom) CA's sha1's, but that probably only affects me right now :). Or just a tiny number of people in the world..

@Matthew : unfortunately rejecting certs within browsers is the only pressure point that can really make a dent in the CA companies out there.

@Tom : nice one, really like your provider's response. that's pretty much how I view the CAs out there :)