Re: DANE vs WebPKI (was: WoSign/StartCom CA in the news, let's wind this thread down...)
> On Oct 1, 2016, at 11:01 AM, li...@lazygranch.com wrote:
>
> On the latest "Security Now" podcast, Steve Gibson makes noises about
> DNSSEC/DANE replacing certs, but not in detail.

I think that this thread, which was only tenuously connected to Postfix in the first place, is no longer operationally relevant and has likely outlived its welcome on this list. We should wind it down.

By way of closing comments:

* DANE is reasonably practical for MTA-to-MTA SMTP, where it makes more sense than WebPKI, provided DNSSEC adoption does not prove too high a barrier to entry:

  https://tools.ietf.org/html/rfc7672#section-1.3

* DANE is not at this time practical for browser-to-webserver HTTPS. A major obstacle is that many mobile "hotspots" are not compatible with DNSSEC at this time. There is some work in progress to define DANE-stapling, where the HTTPS server can return the relevant DNS records to the HTTPS client via a new TLS extension. This will take some time. Until then, don't expect much traction from DANE in the HTTPS space.

* There may be some niche use of DANE in some other areas (XMPP, and programmatic HTTPS in closed environments where access via browsers or from remote locations is not a requirement), but SMTP is where the action is for the moment and adoption is starting to pick up steam. Just today another major hosting provider added DANE TLSA records for one out of their five MX hosts; I expect that their other MX hosts will follow along soon...

In Oct/2015 at the M3AAWG meeting in Atlanta I reported 7000+ DANE domains, 24 of which had been sighted in Google's email transparency report (which reports only domains that cross a mail volume lower bound). Today I would report 60,000+ domains, 75 of which have been sighted in Google's transparency report. So I'm cautiously optimistic that DANE for SMTP still has reasonable adoption momentum.

-- 
	Viktor.
Re: WoSign/StartCom CA in the news
On the latest "Security Now" podcast, Steve Gibson makes noises about DNSSEC/DANE replacing certs, but not in detail. You can search for DANE in the transcript. I don't recall if he ever explained this in detail, and if he did, I probably wouldn't understand.

https://www.grc.com/sn/sn-579.htm

I don't use Twitter, and if I did, I couldn't discuss DNSSEC/DANE intelligently, but feel free to engage him.

https://mobile.twitter.com/sggrc

I have a self signed cert for email, so the cert I will buy is only for my website. I guess I have to buy one per domain. But I do no e-commerce or anything really requiring security on the sites. Rather, Google is going to start lowering page rank if you aren't encrypted, plus it has made encryption a de facto requirement for http2. (The standard doesn't require encryption, but Chrome won't use http2 without it.)

Original Message
From: Alice Wonder
Sent: Saturday, October 1, 2016 3:29 AM
To: postfix-users@postfix.org
Subject: Re: WoSign/StartCom CA in the news

On 09/30/2016 06:52 AM, John @ KLaM wrote:
> Yes, I understand DANE can be used for MTAs. My musing is could it
> completely replace the existing CA mess, and I suppose the follow up is
> how?
>

I do not see it as a replacement for the CA mess but rather as a form of 2-factor authentication. There is still validity to the PKI/CA infrastructure, such as EV certificates for financial institutions and revoking certificates issued to obvious bad actors phishing with very similar domains (e.g. slight mis-spelling of a bank)

I guess kind of off-topic, but even though I am a huge supporter of DNSSEC and DANE, I don't see it as replacing the CA system. I'd rather see the CA system fixed.

-=-
Sent from my laptop, may not be able to respond timely
Re: WoSign/StartCom CA in the news
On 09/30/2016 06:52 AM, John @ KLaM wrote:
> Yes, I understand DANE can be used for MTAs. My musing is could it
> completely replace the existing CA mess, and I suppose the follow up is
> how?

I do not see it as a replacement for the CA mess but rather as a form of 2-factor authentication. There is still validity to the PKI/CA infrastructure, such as EV certificates for financial institutions and revoking certificates issued to obvious bad actors phishing with very similar domains (e.g. slight mis-spelling of a bank)

I guess kind of off-topic, but even though I am a huge supporter of DNSSEC and DANE, I don't see it as replacing the CA system. I'd rather see the CA system fixed.

-=-
Sent from my laptop, may not be able to respond timely
Re: WoSign/StartCom CA in the news
Yes, I understand DANE can be used for MTAs. My musing is could it completely replace the existing CA mess, and I suppose the follow up is how?

On September 30, 2016 09:12:30 wie...@porcupine.org (Wietse Venema) wrote:
> John:
> > This may be way off topic, if so I apologise.
> >
> > Looking at the available CAs many of them do not seem to pass the
> > sniff test. WoSign/Startcom are not alone in being found to be
> > either incompetent or dishonest. Which made me wonder if there might be
> > an alternative to CA issued certs. Is there any way that DNS/DNSSEC could
> > be used to publish and verify certs.
>
> DANE can be used to implement TLS authentication without PKI.
> Available in Postfix since 2.11.
>
> 	Wietse
Re: WoSign/StartCom CA in the news
John:
> This may be way off topic, if so I apologise.
>
> Looking at the available CAs many of them do not seem to pass the
> sniff test. WoSign/Startcom are not alone in being found to be
> either incompetent or dishonest. Which made me wonder if there might be
> an alternative to CA issued certs. Is there any way that DNS/DNSSEC could
> be used to publish and verify certs.

DANE can be used to implement TLS authentication without PKI.
Available in Postfix since 2.11.

	Wietse
Re: WoSign/StartCom CA in the news
On Fri, Sep 30, 2016 at 08:36:58AM -0400, John wrote:

> This may be way off topic, if so I apologise.

Not really, not much anyway.

> Looking at the available CAs many of them do not seem to pass the
> sniff test. WoSign/Startcom are not alone in being found to
> be either incompetent or dishonest. Which made me wonder if there
> might be an alternative to CA issued certs. Is there any way that
> DNS/DNSSEC could be used to publish and verify certs.

It's called DANE, see RFC 6698 and Viktor's post earlier in this thread.

To understand this you need to understand the different roles a Postfix MTA might serve. DANE is for MTA-to-MTA mail exchange. WebPKI (commercial or free) certs are more useful for user-to-MTA (MSA) submission.

-- 
http://rob0.nodns4.us/
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Re: WoSign/StartCom CA in the news
This may be way off topic, if so I apologise.

Looking at the available CAs many of them do not seem to pass the sniff test. WoSign/Startcom are not alone in being found to be either incompetent or dishonest. Which made me wonder if there might be an alternative to CA issued certs. Is there any way that DNS/DNSSEC could be used to publish and verify certs.

JohnA

On 27/09/16 06:29 PM, Viktor Dukhovni wrote:
> WoSign (who seemingly purchased StartCom) seem to have run into
> some compliance issues as reported by Firefox:
>
> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>
> Many SMTP servers are using certs from StartCom. In my DANE
> adoption survey, out of 2201 certificates used by DANE MX
> hosts 411 are issued by StartCom and 47 by WoSign. So that's
> just over 20% of observed certificates. While the rate is
> likely different for the larger SMTP ecosystem (DANE users
> are bleeding edge, not representative at this time), I expect
> that these CAs are still quite popular overall.
>
> If you're using StartCom/WoSign certs, and rely on them being
> verified by MUAs and/or peer MTAs, you may want to make
> contingency plans if Mozilla and perhaps others go through
> with delisting (or disabling) the related root CAs from
> their trusted CA bundles.
Re: WoSign/StartCom CA in the news
Comodo has been caught for shady practices like "geek buddy." They also did some shady certs:

https://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust/

While the cert they issue you is probably OK, I think the company has internal control issues.

Original Message
From: Alice Wonder
Sent: Thursday, September 29, 2016 8:35 PM
To: postfix-users@postfix.org
Subject: Re: WoSign/StartCom CA in the news

On 09/28/2016 01:25 AM, li...@lazygranch.com wrote:
> I don't want to take this thread off course, but suggestions for low cost certs
> would be appreciated. I don't like how Let's Encrypt works, else that would
> be the obvious solution.
>
> Domain registration isn't free. Server time isn't free. Something like $20 a
> year would be fine.

I use Comodo via Namecheap where it is $9.00 for a year. If you are still looking.

Some people have complaints about Comodo but they work for me. They handle both RSA and ECDSA certs.

-- 
-=-
Sent from my laptop, may not be able to respond timely
Re: WoSign/StartCom CA in the news
On 09/28/2016 01:25 AM, li...@lazygranch.com wrote:
> I don't want to take this thread off course, but suggestions for low cost certs
> would be appreciated. I don't like how Let's Encrypt works, else that would
> be the obvious solution.
>
> Domain registration isn't free. Server time isn't free. Something like $20 a
> year would be fine.

I use Comodo via Namecheap where it is $9.00 for a year. If you are still looking.

Some people have complaints about Comodo but they work for me. They handle both RSA and ECDSA certs.

-- 
-=-
Sent from my laptop, may not be able to respond timely
Re: WoSign/StartCom CA in the news
Bookmarked and all these emails archived. There is nothing like advice from someone who has done hands-on work. And it appears I was a bit hard on Let's Encrypt, but if a low cost cert is just as good, I'd rather have the simple solution.

Steve Gibson's "Security Now" podcast has been covering WoSign on and off since the github incident. While Firefox will put them effectively out of business, it isn't like being sanctioned by the SEC. Employees and officers of WoSign could be back as some other agency.

Original Message
From: Mike
Sent: Wednesday, September 28, 2016 8:11 AM
To: postfix-users@postfix.org
Subject: Re: WoSign/StartCom CA in the news

On 9/28/2016 10:53 AM, KSB wrote:
> On 2016.09.28. 17:47, Mike wrote:
>> On 9/28/2016 4:55 AM, li...@lazygranch.com wrote:
>>> CACert came up in my search. I will look into it. Suggestions always
>>> appreciated since I'm quite comfortable with people out there knowing more
>>> than me.
>>>
>>> I didn't like the Let's Encrypt 90 day deal with mysterious upload to your
>>> server. It bugs me. About the only outside control of my server I accept is
>>> spam RBLs, because really I have no alternative.
>>>
>>> I understand there is github code out there (perhaps your simp_le) as an
>>> alternative to whatever Let's Encrypt does regarding updates, but that
>>> seems just as dicey.
>>
>> fwiw, I use GeoTrust's RapidSSL cert.
>>
>> I buy it through my registrar, namecheap, but I found it is also
>> available a bit less expensively via enom (namecheap's parent) for $10
>> per year. It works fine for my low-traffic personal email and webservers.
>>
>> http://www.enom.com/secure/geotrust-ssl-certificates.aspx
>>
> When we need some specific certificates, our company used to buy from
> GoGetSSL.com
> Geotrust's rapid for comparison: https://www.gogetssl.com/rapidssl/

Thanks, bookmarked.

btw, if anyone wants to check out the RapidSSL cert in production, the Los Angeles, USA Postfix mirror uses one.
Re: WoSign/StartCom CA in the news
On 9/28/2016 10:53 AM, KSB wrote:
> On 2016.09.28. 17:47, Mike wrote:
>> On 9/28/2016 4:55 AM, li...@lazygranch.com wrote:
>>> CACert came up in my search. I will look into it. Suggestions always
>>> appreciated since I'm quite comfortable with people out there knowing more
>>> than me.
>>>
>>> I didn't like the Let's Encrypt 90 day deal with mysterious upload to your
>>> server. It bugs me. About the only outside control of my server I accept is
>>> spam RBLs, because really I have no alternative.
>>>
>>> I understand there is github code out there (perhaps your simp_le) as an
>>> alternative to whatever Let's Encrypt does regarding updates, but that
>>> seems just as dicey.
>>
>> fwiw, I use GeoTrust's RapidSSL cert.
>>
>> I buy it through my registrar, namecheap, but I found it is also
>> available a bit less expensively via enom (namecheap's parent) for $10
>> per year. It works fine for my low-traffic personal email and webservers.
>>
>> http://www.enom.com/secure/geotrust-ssl-certificates.aspx
>>
> When we need some specific certificates, our company used to buy from
> GoGetSSL.com
> Geotrust's rapid for comparison: https://www.gogetssl.com/rapidssl/

Thanks, bookmarked.

btw, if anyone wants to check out the RapidSSL cert in production, the Los Angeles, USA Postfix mirror uses one.
Re: WoSign/StartCom CA in the news
On 2016.09.28. 17:47, Mike wrote:
> On 9/28/2016 4:55 AM, li...@lazygranch.com wrote:
>> CACert came up in my search. I will look into it. Suggestions always
>> appreciated since I'm quite comfortable with people out there knowing more
>> than me.
>>
>> I didn't like the Let's Encrypt 90 day deal with mysterious upload to your
>> server. It bugs me. About the only outside control of my server I accept is
>> spam RBLs, because really I have no alternative.
>>
>> I understand there is github code out there (perhaps your simp_le) as an
>> alternative to whatever Let's Encrypt does regarding updates, but that
>> seems just as dicey.
>
> fwiw, I use GeoTrust's RapidSSL cert.
>
> I buy it through my registrar, namecheap, but I found it is also
> available a bit less expensively via enom (namecheap's parent) for $10
> per year. It works fine for my low-traffic personal email and webservers.
>
> http://www.enom.com/secure/geotrust-ssl-certificates.aspx

When we need some specific certificates, our company used to buy from GoGetSSL.com
Geotrust's rapid for comparison: https://www.gogetssl.com/rapidssl/

-- 
KSB
Re: WoSign/StartCom CA in the news
On Wed, Sep 28, 2016 at 08:53:01AM +, Viktor Dukhovni wrote:
> On Wed, Sep 28, 2016 at 01:25:42AM -0700, li...@lazygranch.com
> wrote:
>
> > I don't want to take this thread off course, but suggestions for low
> > cost certs would be appreciated. I don't like how Let's Encrypt
> > works, else that would be the obvious solution.
>
> I am curious what you don't like about "Let's Encrypt"; it seems
> usable enough. But, for SMTP, it is only needed if you operate a
> port 587 MSA for submission clients that want to see WebPKI
> certificates.

And for a small-enough userbase, even this is not necessary: distribute your [below-mentioned] CA cert to your users, have them trust it in their MUA or OS.

> > Domain registration isn't free. Server time isn't free. Something
> > like $20 a year would be fine. I already have a self signed cert
> > for email, but would like to eventually encrypt my websites and
> > attempt dnssec/dane.
>
> For DNSSEC/DANE you really don't need WebPKI certs, indeed you're
> much better off without them. The simplest configuration is a

Yes, thank you! In fact the whole point of DANE was to provide greater security of transmission than the commercial SSL CA model could achieve, while placing that power in the hands of the user.

> self-signed:
>
>     _25._tcp.smtp.example.com. IN TLSA 3 1 1
>
> record, which you update shortly before rolling out new keys (as
> and when you feel like deploying a new key).
>
> A more advanced, but ultimately more convenient, configuration is
> to create your own self-signed issuing CA whose private key, or at
> least its "passphrase", is "off-line". You then make sure that your

[snip the rest of this excellent post]

I read through the whole thread this morning hoping to see a post like this. :)

Thank you again, for all you have done for Postfix and DANE.

-- 
http://rob0.nodns4.us/
Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Re: WoSign/StartCom CA in the news
On 9/28/2016 4:55 AM, li...@lazygranch.com wrote:
> CACert came up in my search. I will look into it. Suggestions always
> appreciated since I'm quite comfortable with people out there knowing more
> than me.
>
> I didn't like the Let's Encrypt 90 day deal with mysterious upload to your
> server. It bugs me. About the only outside control of my server I accept is
> spam RBLs, because really I have no alternative.
>
> I understand there is github code out there (perhaps your simp_le) as an
> alternative to whatever Let's Encrypt does regarding updates, but that seems
> just as dicey.

fwiw, I use GeoTrust's RapidSSL cert.

I buy it through my registrar, namecheap, but I found it is also available a bit less expensively via enom (namecheap's parent) for $10 per year. It works fine for my low-traffic personal email and webservers.

http://www.enom.com/secure/geotrust-ssl-certificates.aspx
Re: WoSign/StartCom CA in the news
On 16-09-28 04:55 AM, li...@lazygranch.com wrote:
> I didn't like the Let's Encrypt 90 day deal with mysterious upload to your
> server.

While I do not like to grant root access to a third-party controlled process on my server, there are good alternatives and the only things that I upload to my server are the resulting certificates, like with any CA. With a little bit of scripting it can all be automated.

My current solution is still sketchy and works for me (single Digital Ocean account with one server to be updated), but it can scale easily and is built on the shoulders of giants that make sure more than just Digital Ocean is supported:

https://github.com/lukas2511/dehydrated

My favorite form of verification is the DNS challenge, because it does not disrupt the server's operation, except for a quick restart to recognize the new certificate.

Disclaimer: I am a lawyer and only a tinkerer when it comes to IT. Please point out the deficiencies in my solution and help me improve.

Every 90 days, at every iteration, my process becomes better and has now boiled down to checking if there have been changes and running some commands/scripts that do not take more than a few minutes of my time.

    cd ~/src/letsencrypt
    wget https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem
    cd dehydrated
    git pull
    cd ../certificates_ACCOUNT_X
    export LEXICON_DIGITALOCEAN_TOKEN=
    PROVIDER=digitalocean ../dehydrated/dehydrated --cron --hook letsencrypt.default.sh --challenge dns-01 -x
    # Do other things while the certificates are being generated
    ../automate.sh
    ssh SERVER
    sudo ./deploy.sh
    sudo service nginx restart
    sudo service postfix restart

The above assumes that you have configured dehydrated and your DNS hosting account.

automate.sh is something like this:

    #!/usr/bin/env bash
    # Bundle each freshly issued key + cert + intermediate into one PEM file,
    # copy it to the server, and build a deploy.sh that moves the bundles
    # into place there (run on the server as root).
    set -euo pipefail
    umask 077   # the bundles contain private keys: create them unreadable to others

    USER='admin'
    SERVER='server_entry_in_.ssh/config'
    DESTINATION='/home/admin'

    echo '#!/usr/bin/env bash' > deploy.sh

    for CERTDIR in certs/*/; do
        DOMAIN=$(basename "$CERTDIR")
        echo "$DOMAIN"
        cat "$CERTDIR/privkey.pem" "$CERTDIR/cert.pem" lets-encrypt-x3-cross-signed.pem > "$CERTDIR/$DOMAIN.pem"
        rsync -avz "$CERTDIR/$DOMAIN.pem" "$USER@$SERVER:$DESTINATION/"
        echo "chmod 400 $DESTINATION/$DOMAIN.pem" >> deploy.sh
        echo "chown root:root $DESTINATION/$DOMAIN.pem" >> deploy.sh
        # domains that are used for mail+web
        if [ "$DOMAIN" == "mxserver.example.com" ]; then
            echo "mv $DESTINATION/$DOMAIN.pem /etc/postfix/ssl/" >> deploy.sh
        # domains that are used for web only
        else
            echo "mv $DESTINATION/$DOMAIN.pem /etc/nginx/ssl/" >> deploy.sh
        fi
    done

    chmod +x deploy.sh
    rsync -avz deploy.sh "$USER@$SERVER:$DESTINATION/"

I am only progressing very slowly on this, tweaking it every 90 days, because it is already at a point where it does not bother me. The Let's Encrypt certificates are great. They are recognized by my Android devices when syncing CardDAV/CalDAV; Postfix seems to like them and so does Dovecot. The short life span is actually a neat feature that keeps the ecosystem safe and revocation lists shorter.

Yuv
Re: WoSign/StartCom CA in the news
My StartSSL certs are valid until the 4th of October. Luckily I switched to Let's Encrypt yesterday - with DANE, of course. ;-)

Regards,
Renne

On 28.09.2016 at 00:29, Viktor Dukhovni wrote:
> WoSign (who seemingly purchased StartCom) seem to have run into
> some compliance issues as reported by Firefox:
>
> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>
> Many SMTP servers are using certs from StartCom. In my DANE
> adoption survey, out of 2201 certificates used by DANE MX
> hosts 411 are issued by StartCom and 47 by WoSign. So that's
> just over 20% of observed certificates. While the rate is
> likely different for the larger SMTP ecosystem (DANE users
> are bleeding edge, not representative at this time), I expect
> that these CAs are still quite popular overall.
>
> If you're using StartCom/WoSign certs, and rely on them being
> verified by MUAs and/or peer MTAs, you may want to make
> contingency plans if Mozilla and perhaps others go through
> with delisting (or disabling) the related root CAs from
> their trusted CA bundles.
Re: WoSign/StartCom CA in the news
> On Sep 28, 2016, at 1:55 AM, li...@lazygranch.com wrote:
>
> CACert came up in my search. I will look into it. Suggestions always
> appreciated since I'm quite comfortable with people out there knowing more
> than me.
>
> I didn't like the Let's Encrypt 90 day deal with mysterious upload to your
> server. It bugs me.

That's not really how Let's Encrypt works. It's just one of several options they have for domain authentication. All registrars will require you to do domain authentication somehow; most of them make it impossible to automate.

You can use DNS-based domain authentication as another alternative - put a TXT record in your zone. There's no interaction with the production server at all.

I use letsencrypt.sh for that, and it doesn't touch any of my production servers (other than my DNS server, obviously) other than when it scp's the new key and certificate into place.

To be a little on-topic, that includes a couple of postfix servers that don't do anything over http at all.

Cheers,
  Steve

> About the only outside control of my server I accept is spam RBLs, because
> really I have no alternative.
>
> I understand there is github code out there (perhaps your simp_le) as an
> alternative to whatever Let's Encrypt does regarding updates, but that seems
> just as dicey.
>
> Original Message
> From: Sven Schwedas
> Sent: Wednesday, September 28, 2016 1:34 AM
> To: li...@lazygranch.com; postfix-users@postfix.org
> Subject: Re: WoSign/StartCom CA in the news
>
> On 2016-09-28 10:25, li...@lazygranch.com wrote:
>> I don't want to take this thread off course, but suggestions for low cost certs
>> would be appreciated. I don't like how Let's Encrypt works, else that would
>> be the obvious solution.
>
> "how Let's Encrypt works" is a bit vague. Domain verification is
> standard for a lot of registrars (and safer than what StartSSL does,
> which is allowing you to breach their TOS if you pay hush money), and
> there are LE clients that don't automatically fuck up your server
> configs, if that's your concern (we use simp_le, e.g., it just generates
> the certs and everything else is up to you).
>
>> Domain registration isn't free. Server time isn't free. Something like $20 a
>> year would be fine. I already have a self signed cert for email, but would
>> like to eventually encrypt my websites and attempt dnssec/dane.
>
> Have you considered CACert? Otherwise it's either scummy registrars that
> ought to be the next on the chop block (like Comodo) or gets expensive
> fast. (Or both.)
>
>> When Symantec first announced that they would compete with Let's Encrypt, I
>> signed up with them. But it looks like their free cert program is more like
>> you need to recruit customers for them.
>
> Same with the others. Of course they want to stay in business, even if
> it's dead already.
>
>> Original Message
>> From: Sven Schwedas
>> Sent: Wednesday, September 28, 2016 1:10 AM
>> To: postfix-users@postfix.org
>> Subject: Re: WoSign/StartCom CA in the news
>>
>> On 2016-09-28 00:31, Giovanni Harting wrote:
>>> Correct me if I'm wrong, but that document you describe issued by
>>> Mozilla and others, doesn't it state that it would only affect newly
>>> issued certs after a certain date?
>>
>> Yes, but most StartSSL/WoSign certificates are only valid for a year or
>> less. So customers should start looking for alternative providers *now*,
>> because a year-long block will affect almost all of them.
>>
>>> On 09/28/16 at 00:29, Viktor Dukhovni wrote:
>>>> WoSign (who seemingly purchased StartCom) seem to have run into
>>>> some compliance issues as reported by Firefox:
>>>>
>>>> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>>>>
>>>> Many SMTP servers are using certs from StartCom. In my DANE
>>>> adoption survey, out of 2201 certificates used by DANE MX
>>>> hosts 411 are issued by StartCom and 47 by WoSign. So that's
>>>> just over 20% of observed certificates. While the rate is
>>>> likely different for the larger SMTP ecosystem (DANE users
>>>> are bleeding edge, not representative at this time), I expect
>>>> that these CAs are still quite popular overall.
>>>>
>>>> If you're using StartCom/WoSign certs, and rely on them being
>>>> verified by MUAs and/or peer MTAs, you may want to make
>>>> contingency plans if Mozilla and perhaps others go through
>>>> with delisting (or disabling) the related root CAs from
>>>> their trusted CA bundles.
>
> -- 
> Kind regards, / Best Regards,
> Sven Schwedas, System Administrator
> Mail/XMPP sven.schwe...@tao.at | Skype sven.schwedas
> TAO Digital | Lendplatz 45 | A8020 Graz
> https://www.tao-digital.at | Tel +43 680 301 7167
Re: WoSign/StartCom CA in the news
On 28.09.2016 12:03, KSB wrote:

> probably they will go down to 30 days as most admins learn to do
> automation.

I have read various LE posts regarding certificate lifetime, and while I agree that LE apparently favours automation, I don't think the matter has been decided yet. My personal (!) take on it is that there might be separate processes for automated clients with shorter lifetimes (30 days might be too short, though), and for manually updated certificates with a longer lifetime. Just speculating.

-Ralph
Re: WoSign/StartCom CA in the news
On 28/09/16 09:51, Boris Behrens wrote:
>> On 28.09.2016 at 10:25, li...@lazygranch.com wrote:
>>
>> I don't want to take this thread off course, but suggestions for low cost certs
>> would be appreciated. I don't like how Let's Encrypt works, else that would
>> be the obvious solution.
>>
>> Domain registration isn't free. Server time isn't free. Something like $20 a
>> year would be fine. I already have a self signed cert for email, but would
>> like to eventually encrypt my websites and attempt dnssec/dane.
> RapidSSL is about 9EUR per Year and there is a "Basic SSL" option when you
> use internetx. Seems to be free.

It's a long shot, but you might like to look at cacert.org. They use an authentication scheme a little bit like the PGP "web of trust". The more points you score, the longer the duration of the certificate.

It's a freebie (so you get what you pay for, I suppose)

Allen C
Re: WoSign/StartCom CA in the news
On 2016.09.28. 12:59, Ralph Seichter wrote:
> As for the "90 day deal": LE is still in ramp-up phase, so I expect the
> validity period to increase. Even with 90 days, it is worth using their
> certificates. In a DANE context, all you need to take care of is not
> automatically generating new keys with each update, and that is easily
> avoided.
>
> -Ralph

No, probably they will go down to 30 days as most admins learn to do automation.

-- 
KSB
Re: WoSign/StartCom CA in the news
On 28.09.2016 10:55, li...@lazygranch.com wrote:

> I didn't like the Let's Encrypt 90 day deal with mysterious upload to
> your server. It bugs me.

Let's Encrypt does not upload anything to your server. You download an updated certificate, if and when you choose to. That process can be invoked manually - which I prefer - or via a cron job, if the necessary TCP port is made available. If you use the LE standard mechanics, nothing on your local machine is overwritten either, and you'll keep a history of your certificates if you so desire.

As for the "90 day deal": LE is still in ramp-up phase, so I expect the validity period to increase. Even with 90 days, it is worth using their certificates. In a DANE context, all you need to take care of is not automatically generating new keys with each update, and that is easily avoided.

Perhaps I should be mad at LE for stealing some of my business (I run a CA myself), but they are doing a good job, and I am always glad to see people making encryption available to the masses.

-Ralph
Re: WoSign/StartCom CA in the news
On 28/09/16 09:25, li...@lazygranch.com wrote:
> I don't want to take this thread off course, but suggestions for low cost certs
> would be appreciated. I don't like how Let's Encrypt works, else that would
> be the obvious solution.
>
> When Symantec first announced that they would compete with Let's Encrypt, I
> signed up with them. But it looks like their free cert program is more like
> you need to recruit customers for them.

I have paid ~$13/yr for three year RapidSSL through https://www.rapidsslonline.com/

I have been using RapidSSL for many years with no problems at all. Now it has been acquired by Symantec, so I wouldn't expect any issues.

Best,
Karol

-- 
Karol Augustin
ka...@augustin.pl
http://karolaugustin.pl/
+353 85 775 5312
Re: WoSign/StartCom CA in the news
On Wed, Sep 28, 2016 at 01:55:06AM -0700, li...@lazygranch.com wrote:

> I didn't like the Let's Encrypt 90 day deal with mysterious upload to your
> server. It bugs me.

You're mistaken about how LE works. There is no remote control of your server, or any externally imposed update. They provide a script you can run from "cron" or similar to refresh your certificates. You can run it as you see fit, and use it in a variety of ways. Including obtaining new certs for the same underlying key (convenient for DANE), and either deploying certs to where they're used live, or somewhere else, where code you write can take care of automated deployment, or just send you a reminder and you do the deployment manually.

The only external influence on your server is the 90-day expiration, so you have to do something every 90 days, which encourages automation over manual processes, which is a good thing IMHO.

The fine folks at "mailinabox.org" seem to have put together a nice turnkey email server that, among other things, includes integration with Let's Encrypt and DNS updates for DANE, so it all "just works" (TM).

Indeed out of the 2215 distinct live DANE server certs I'm tracking, 353 are "mailinabox" servers, and unlike some other servers, whose operators need occasional reminders not to forget to update TLSA records after changing keys, the mailinabox servers never seem to mess up. They just "magically" continue to have valid TLSA records across multiple key and certificate renewals. So far, I'm quite impressed.

-- 
	Viktor.
Re: WoSign/StartCom CA in the news
CACert came up in my search. I will look into it. Suggestions always appreciated since I'm quite comfortable with people out there knowing more than me.

I didn't like the Let's Encrypt 90 day deal with mysterious upload to your server. It bugs me. About the only outside control of my server I accept is spam RBLs, because really I have no alternative.

I understand there is github code out there (perhaps your simp_le) as an alternative to whatever Let's Encrypt does regarding updates, but that seems just as dicey.

Original Message
From: Sven Schwedas
Sent: Wednesday, September 28, 2016 1:34 AM
To: li...@lazygranch.com; postfix-users@postfix.org
Subject: Re: WoSign/StartCom CA in the news

On 2016-09-28 10:25, li...@lazygranch.com wrote:
> I don't want to take this thread off course, but suggestions for low cost certs
> would be appreciated. I don't like how Let's Encrypt works, else that would
> be the obvious solution.

"how Let's Encrypt works" is a bit vague. Domain verification is standard for a lot of registrars (and safer than what StartSSL does, which is allowing you to breach their TOS if you pay hush money), and there are LE clients that don't automatically fuck up your server configs, if that's your concern (we use simp_le, e.g., it just generates the certs and everything else is up to you).

> Domain registration isn't free. Server time isn't free. Something like $20 a
> year would be fine. I already have a self signed cert for email, but would
> like to eventually encrypt my websites and attempt dnssec/dane.

Have you considered CACert? Otherwise it's either scummy registrars that ought to be the next on the chop block (like Comodo) or gets expensive fast. (Or both.)

> When Symantec first announced that they would compete with Let's Encrypt, I
> signed up with them. But it looks like their free cert program is more like
> you need to recruit customers for them.

Same with the others. Of course they want to stay in business, even if it's dead already.

> Original Message
> From: Sven Schwedas
> Sent: Wednesday, September 28, 2016 1:10 AM
> To: postfix-users@postfix.org
> Subject: Re: WoSign/StartCom CA in the news
>
> On 2016-09-28 00:31, Giovanni Harting wrote:
>> Correct me if I'm wrong, but that document you describe issued by
>> Mozilla and others, doesn't it state that it would only affect newly
>> issued certs after a certain date?
>
> Yes, but most StartSSL/WoSign certificates are only valid for a year or
> less. So customers should start looking for alternative providers *now*,
> because a year-long block will affect almost all of them.
>
>> On 09/28/16 at 00:29, Viktor Dukhovni wrote:
>>> WoSign (who seemingly purchased StartCom) seem to have run into
>>> some compliance issues as reported by Firefox:
>>>
>>> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>>>
>>> Many SMTP servers are using certs from StartCom. In my DANE
>>> adoption survey, out of 2201 certificates used by DANE MX
>>> hosts 411 are issued by StartCom and 47 by WoSign. So that's
>>> just over 20% of observed certificates. While the rate is
>>> likely different for the larger SMTP ecosystem (DANE users
>>> are bleeding edge, not representative at this time), I expect
>>> that these CAs are still quite popular overall.
>>>
>>> If you're using StartCom/WoSign certs, and rely on them being
>>> verified by MUAs and/or peer MTAs, you may want to make
>>> contingency plans if Mozilla and perhaps others go through
>>> with delisting (or disabling) the related root CAs from
>>> their trusted CA bundles.

-- 
Kind regards, / Best Regards,
Sven Schwedas, System Administrator
Mail/XMPP sven.schwe...@tao.at | Skype sven.schwedas
TAO Digital | Lendplatz 45 | A8020 Graz
https://www.tao-digital.at | Tel +43 680 301 7167
Re: WoSign/StartCom CA in the news
On Wed, Sep 28, 2016 at 01:25:42AM -0700, li...@lazygranch.com wrote:

> I don't want to take this thread off course, but suggestions for low cost
> certs would be appreciated. I don't like how Let's Encrypt works, else
> that would be the obvious solution.

I am curious what you don't like about "Let's Encrypt"; it seems usable enough. But, for SMTP, it is only needed if you operate a port 587 MSA for submission clients that want to see WebPKI certificates.

> Domain registration isn't free. Server time isn't free. Something like
> $20 a year would be fine. I already have a self signed cert for email,
> but would like to eventually encrypt my websites and attempt dnssec/dane.

For DNSSEC/DANE you really don't need WebPKI certs, indeed you're much better off without them. The simplest configuration is a self-signed:

    _25._tcp.smtp.example.com. IN TLSA 3 1 1

record, which you update shortly before rolling out new keys (as and when you feel like deploying a new key).

A more advanced, but ultimately more convenient, configuration is to create your own self-signed issuing CA whose private key, or at least its passphrase, is "off-line". You then make sure that your server certificate includes the MX hostname as one of the DNS "subjectAltName" values, that your server chainfile includes the issuing CA certificate, and proceed to publish two TLSA records:

    _25._tcp.smtp.example.com. IN TLSA 3 1 1
    _25._tcp.smtp.example.com. IN TLSA 2 1 1

With this configuration, you can deploy new server keys without the annoying *prior* DNS changes described in:

    https://tools.ietf.org/html/rfc7671#section-8.1

When you first deploy the new server key (new private key and associated certificate), provided the certificate is issued by the same private CA, the unchanged "2 1 1" record will continue to validate your server certificate. You can then update the DNS to make the "3 1 1" record match again at your leisure, after everything checks out.

At some point later, you may want to replace the CA; that's easy too, just retain the working "3 1 1" record (for the same underlying private key) and get a new CA to issue a certificate for the same key. You'll now have only the "3 1 1" record matching, but that's OK, just update the "2 1 1" when all looks good.

This way, you can play "leap-frog", alternating a series of key changes with periodic CA changes, and DNS changes only after the certificate deployments check out good. The time-line is then:

    Server Key 1+CA 1      ; Initial state
    Server Key 2+CA 1      ; Update "3 1 1" after Key change
    Server Key 3+CA 1      ; Update "3 1 1" after Key change
    ...
    Server Key N+CA 1      ; Update "3 1 1" after Key change
    Server Key N+CA 2      ; Update "2 1 1" after CA change
    Server Key N+1 +CA 2   ; Update "3 1 1" after Key change
    Server Key N+2 +CA 2   ; Update "3 1 1" after Key change
    ...
    Server Key N+M +CA 2   ; Update "3 1 1" after CA change
    Server Key N+M +CA 3   ; Update "2 1 1" after CA change
    ...

So long as the CA changes don't coincide with the server key changes, this substantially simplifies keeping the DNS data in sync with reality. You could then automate the DNS updates too, updating the DNS when you observe the live server vending a chain that matches the expected CA and server cert files on disk. Automating pre-publishing à la RFC 7671 section 8.1 is more complex.

The above approach works a bit less well for public CAs, because issuing CA changes are no longer directly under your control.

When I have some time, I may enhance the "postfix tls" sub-command

    http://www.postfix.org/postfix-tls.1.html

to support not just self-signed certs, but also a CA + leaf cert combination as described above, so that folks who are not OpenSSL CLI wizards have an easier time of getting this to work. The only complication really is that ideally the CA private key is stored encrypted with a strong offline passphrase, so that Postfix would have to prompt for a passphrase when that's the case.

--
Viktor.
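The leap-frog schedule above, worked through as a small model in Python. This is an added example, not code from the thread, from Postfix or from the "postfix tls" sub-command. It models the server by the SubjectPublicKeyInfo of its key (what a "3 1 1" record pins) and of the private issuing CA (what a "2 1 1" record pins); the SPKI blobs are constructed sample bytes, and a real deployment would hash the DER SubjectPublicKeyInfo taken from the certificate files instead. The `reconcile` step is the automation the message describes: the DNS is only touched once the live chain is observed to still validate against the published set, and a key change that coincides with a CA change is refused, because at that point no published record matches and only RFC 7671 section 8.1 pre-publication would have kept the MX reachable.

```python
import hashlib
from dataclasses import dataclass


def sample_spki(name: str) -> bytes:
    """Constructed stand-in for a DER SubjectPublicKeyInfo (not a real key)."""
    return b"constructed-spki:" + name.encode()


def spki_digest(spki_der: bytes) -> str:
    """TLSA selector 1 + matching type 1: SHA-256 over the SubjectPublicKeyInfo."""
    return hashlib.sha256(spki_der).hexdigest()


@dataclass(frozen=True)
class Tlsa:
    usage: int      # 3 = DANE-EE (pins the server key), 2 = DANE-TA (pins the issuing CA)
    selector: int   # 1 = SubjectPublicKeyInfo
    mtype: int      # 1 = SHA-256
    data: str       # hex digest

    def rr(self, owner: str = "_25._tcp.smtp.example.com.") -> str:
        return f"{owner} IN TLSA {self.usage} {self.selector} {self.mtype} {self.data}"


@dataclass(frozen=True)
class Deployment:
    """What the live server vends: its key and the private CA that issued its cert."""
    server_spki: bytes
    ca_spki: bytes


def matches(record: Tlsa, live: Deployment) -> bool:
    if (record.selector, record.mtype) != (1, 1):
        raise ValueError("only '<usage> 1 1' records are modelled here")
    if record.usage == 3:
        return record.data == spki_digest(live.server_spki)
    if record.usage == 2:
        return record.data == spki_digest(live.ca_spki)
    return False


def dane_ok(records, live: Deployment) -> bool:
    """A DANE client accepts the chain if any published record matches it."""
    return any(matches(r, live) for r in records)


def stale_usages(records, live: Deployment):
    """Usages of published records that no longer match the live chain."""
    return sorted(r.usage for r in records if not matches(r, live))


def synced_records(live: Deployment):
    return [Tlsa(3, 1, 1, spki_digest(live.server_spki)),
            Tlsa(2, 1, 1, spki_digest(live.ca_spki))]


def reconcile(records, live: Deployment):
    """Refresh the DNS only after the live chain is seen to still validate.
    A simultaneous key+CA change leaves nothing matching and is refused."""
    if not dane_ok(records, live):
        raise RuntimeError("no published TLSA record matches the live chain; "
                           "key and CA changed together, pre-publish per RFC 7671 s8.1")
    return synced_records(live)


def run_timeline(n: int = 3, m: int = 2):
    """Walk the schedule from the thread: N key changes under CA 1, a CA change that
    keeps key N, then M key changes under CA 2.  Returns (state, stale usages) per step."""
    live = Deployment(sample_spki("key1"), sample_spki("ca1"))
    records = synced_records(live)
    steps = [("Key 1+CA 1", stale_usages(records, live))]

    def step(label, new_live):
        nonlocal live, records
        live = new_live
        steps.append((label, stale_usages(records, live)))  # what fell out of sync
        records = reconcile(records, live)                   # still validates, so refresh

    for k in range(2, n + 1):                                 # key changes, CA 1 unchanged
        step(f"Key {k}+CA 1", Deployment(sample_spki(f"key{k}"), live.ca_spki))
    step(f"Key {n}+CA 2", Deployment(live.server_spki, sample_spki("ca2")))  # CA change, same key
    for k in range(n + 1, n + m + 1):                         # key changes, CA 2 unchanged
        step(f"Key {k}+CA 2", Deployment(sample_spki(f"key{k}"), live.ca_spki))
    return steps


def simultaneous_change_fails() -> bool:
    """The case the schedule avoids: key and CA rolled in the same deployment."""
    live = Deployment(sample_spki("key1"), sample_spki("ca1"))
    try:
        reconcile(synced_records(live), Deployment(sample_spki("key2"), sample_spki("ca2")))
    except RuntimeError:
        return True
    return False


if __name__ == "__main__":
    for state, stale in run_timeline():
        print(f"{state:12s} stale before DNS update: {stale or 'none'}")
    for rr in synced_records(Deployment(sample_spki("key5"), sample_spki("ca2"))):
        print(rr.rr())
```

On a real host the digest for a "x 1 1" record is the SHA-256 of the DER-encoded public key, e.g. `openssl x509 -in cert.pem -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256`, run once for the server certificate (usage 3) and once for the issuing CA certificate (usage 2).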
Re: WoSign/StartCom CA in the news
> On 28.09.2016 at 10:25, li...@lazygranch.com wrote:
>
> I don't want to take this thread off course, but suggestions for low cost certs
> would be appreciated. I don't like how Let's Encrypt works, else that would
> be the obvious solution.
>
> Domain registration isn't free. Server time isn't free. Something like $20 a
> year would be fine. I already have a self signed cert for email, but would
> like to eventually encrypt my websites and attempt dnssec/dane.

RapidSSL is about 9EUR per year and there is a "Basic SSL" option when you use internetx. Seems to be free.

> When Symantec first announced that they would compete with Let's Encrypt, I
> signed up with them. But it looks like their free cert program is more like
> you need to recruit customers for them.
>
> Original Message
> From: Sven Schwedas
> Sent: Wednesday, September 28, 2016 1:10 AM
> To: postfix-users@postfix.org
> Subject: Re: WoSign/StartCom CA in the news
>
> On 2016-09-28 00:31, Giovanni Harting wrote:
>> Correct me if I'm wrong, but that document you describe issued by
>> Mozilla and others, doesn't it state that it would only affect newly
>> issued certs after a certain date?
>
> Yes, but most StartSSL/WoSign certificates are only valid for a year or
> less. So customers should start looking for alternative providers *now*,
> because a year-long block will affect almost all of them.
>
>> On 09/28/16 at 00:29, Viktor Dukhovni wrote:
>>> WoSign (who seemingly purchased StartCom) seem to have run into
>>> some compliance issues as reported by Firefox:
>>>
>>> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>>>
>>> Many SMTP servers are using certs from StartCom. In my DANE
>>> adoption survey, out of 2201 certificates used by DANE MX
>>> hosts 411 are issued by StartCom and 47 by WoSign. So that's
>>> just over 20% of observed certificates. While the rate is
>>> likely different for the larger SMTP ecosystem (DANE users
>>> are bleeding edge, not representative at this time), I expect
>>> that these CAs are still quite popular overall.
>>>
>>> If you're using StartCom/WoSign certs, and rely on them being
>>> verified by MUAs and/or peer MTAs, you may want to make
>>> contingency plans if Mozilla and perhaps others go through
>>> with delisting (or disabling) the related root CAs from
>>> their trusted CA bundles.
>
> --
> Best Regards,
> Sven Schwedas, Systemadministrator
> Mail/XMPP sven.schwe...@tao.at | Skype sven.schwedas
> TAO Digital | Lendplatz 45 | A8020 Graz
> https://www.tao-digital.at | Tel +43 680 301 7167
Re: WoSign/StartCom CA in the news
On 28 September 2016 10:25:42 CEST, li...@lazygranch.com wrote:
>I don't want to take this thread off course, but suggestions for low cost
>certs would be appreciated. I don't like how Let's Encrypt works, else
>that would be the obvious solution.

I get mine through https://www.ssls.com

>Domain registration isn't free. Server time isn't free. Something like
>$20 a year would be fine. I already have a self signed cert for email,
>but would like to eventually encrypt my websites and attempt
>dnssec/dane.
>
>When Symantec first announced that they would compete with Let's
>Encrypt, I signed up with them. But it looks like their free cert
>program is more like you need to recruit customers for them.
>
> Original Message
>From: Sven Schwedas
>Sent: Wednesday, September 28, 2016 1:10 AM
>To: postfix-users@postfix.org
>Subject: Re: WoSign/StartCom CA in the news
>
>On 2016-09-28 00:31, Giovanni Harting wrote:
>> Correct me if I'm wrong, but that document you describe issued by
>> Mozilla and others, doesn't it state that it would only affect newly
>> issued certs after a certain date?
>
>Yes, but most StartSSL/WoSign certificates are only valid for a year or
>less. So customers should start looking for alternative providers
>*now*,
>because a year-long block will affect almost all of them.
>
>> On 09/28/16 at 00:29, Viktor Dukhovni wrote:
>>> WoSign (who seemingly purchased StartCom) seem to have run into
>>> some compliance issues as reported by Firefox:
>>>
>>> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>>>
>>> Many SMTP servers are using certs from StartCom. In my DANE
>>> adoption survey, out of 2201 certificates used by DANE MX
>>> hosts 411 are issued by StartCom and 47 by WoSign. So that's
>>> just over 20% of observed certificates. While the rate is
>>> likely different for the larger SMTP ecosystem (DANE users
>>> are bleeding edge, not representative at this time), I expect
>>> that these CAs are still quite popular overall.
>>>
>>> If you're using StartCom/WoSign certs, and rely on them being
>>> verified by MUAs and/or peer MTAs, you may want to make
>>> contingency plans if Mozilla and perhaps others go through
>>> with delisting (or disabling) the related root CAs from
>>> their trusted CA bundles.
Re: WoSign/StartCom CA in the news
On 2016-09-28 10:25, li...@lazygranch.com wrote:
> I don't want to take this thread off course, but suggestions for low cost certs
> would be appreciated. I don't like how Let's Encrypt works, else that would
> be the obvious solution.

"how Let's Encrypt works" is a bit vague. Domain verification is standard for a lot of registrars (and safer than what StartSSL does, which is allowing you to breach their TOS if you pay hush money), and there are LE clients that don't automatically fuck up your server configs, if that's your concern (we use simp_le, e.g., it just generates the certs and everything else is up to you).

> Domain registration isn't free. Server time isn't free. Something like $20 a
> year would be fine. I already have a self signed cert for email, but would
> like to eventually encrypt my websites and attempt dnssec/dane.

Have you considered CACert? Otherwise it's either scummy registrars that ought to be the next on the chop block (like Comodo) or gets expensive fast. (Or both.)

> When Symantec first announced that they would compete with Let's Encrypt, I
> signed up with them. But it looks like their free cert program is more like
> you need to recruit customers for them.

Same with the others. Of course they want to stay in business, even if it's dead already.

> Original Message
> From: Sven Schwedas
> Sent: Wednesday, September 28, 2016 1:10 AM
> To: postfix-users@postfix.org
> Subject: Re: WoSign/StartCom CA in the news
>
> On 2016-09-28 00:31, Giovanni Harting wrote:
>> Correct me if I'm wrong, but that document you describe issued by
>> Mozilla and others, doesn't it state that it would only affect newly
>> issued certs after a certain date?
>
> Yes, but most StartSSL/WoSign certificates are only valid for a year or
> less. So customers should start looking for alternative providers *now*,
> because a year-long block will affect almost all of them.
>
>> On 09/28/16 at 00:29, Viktor Dukhovni wrote:
>>> WoSign (who seemingly purchased StartCom) seem to have run into
>>> some compliance issues as reported by Firefox:
>>>
>>> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>>>
>>> Many SMTP servers are using certs from StartCom. In my DANE
>>> adoption survey, out of 2201 certificates used by DANE MX
>>> hosts 411 are issued by StartCom and 47 by WoSign. So that's
>>> just over 20% of observed certificates. While the rate is
>>> likely different for the larger SMTP ecosystem (DANE users
>>> are bleeding edge, not representative at this time), I expect
>>> that these CAs are still quite popular overall.
>>>
>>> If you're using StartCom/WoSign certs, and rely on them being
>>> verified by MUAs and/or peer MTAs, you may want to make
>>> contingency plans if Mozilla and perhaps others go through
>>> with delisting (or disabling) the related root CAs from
>>> their trusted CA bundles.

--
Best Regards,
Sven Schwedas, Systemadministrator
Mail/XMPP sven.schwe...@tao.at | Skype sven.schwedas
TAO Digital | Lendplatz 45 | A8020 Graz
https://www.tao-digital.at | Tel +43 680 301 7167
Re: WoSign/StartCom CA in the news
I don't want to take this thread off course, but suggestions for low cost certs would be appreciated. I don't like how Let's Encrypt works, else that would be the obvious solution.

Domain registration isn't free. Server time isn't free. Something like $20 a year would be fine. I already have a self signed cert for email, but would like to eventually encrypt my websites and attempt dnssec/dane.

When Symantec first announced that they would compete with Let's Encrypt, I signed up with them. But it looks like their free cert program is more like you need to recruit customers for them.

Original Message
From: Sven Schwedas
Sent: Wednesday, September 28, 2016 1:10 AM
To: postfix-users@postfix.org
Subject: Re: WoSign/StartCom CA in the news

On 2016-09-28 00:31, Giovanni Harting wrote:
> Correct me if I'm wrong, but that document you describe issued by
> Mozilla and others, doesn't it state that it would only affect newly
> issued certs after a certain date?

Yes, but most StartSSL/WoSign certificates are only valid for a year or less. So customers should start looking for alternative providers *now*, because a year-long block will affect almost all of them.

> On 09/28/16 at 00:29, Viktor Dukhovni wrote:
>> WoSign (who seemingly purchased StartCom) seem to have run into
>> some compliance issues as reported by Firefox:
>>
>> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>>
>> Many SMTP servers are using certs from StartCom. In my DANE
>> adoption survey, out of 2201 certificates used by DANE MX
>> hosts 411 are issued by StartCom and 47 by WoSign. So that's
>> just over 20% of observed certificates. While the rate is
>> likely different for the larger SMTP ecosystem (DANE users
>> are bleeding edge, not representative at this time), I expect
>> that these CAs are still quite popular overall.
>>
>> If you're using StartCom/WoSign certs, and rely on them being
>> verified by MUAs and/or peer MTAs, you may want to make
>> contingency plans if Mozilla and perhaps others go through
>> with delisting (or disabling) the related root CAs from
>> their trusted CA bundles.

--
Best Regards,
Sven Schwedas, Systemadministrator
Mail/XMPP sven.schwe...@tao.at | Skype sven.schwedas
TAO Digital | Lendplatz 45 | A8020 Graz
https://www.tao-digital.at | Tel +43 680 301 7167
Re: WoSign/StartCom CA in the news
On 2016-09-28 00:31, Giovanni Harting wrote:
> Correct me if I'm wrong, but that document you describe issued by
> Mozilla and others, doesn't it state that it would only affect newly
> issued certs after a certain date?

Yes, but most StartSSL/WoSign certificates are only valid for a year or less. So customers should start looking for alternative providers *now*, because a year-long block will affect almost all of them.

> On 09/28/16 at 00:29, Viktor Dukhovni wrote:
>> WoSign (who seemingly purchased StartCom) seem to have run into
>> some compliance issues as reported by Firefox:
>>
>> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>>
>> Many SMTP servers are using certs from StartCom. In my DANE
>> adoption survey, out of 2201 certificates used by DANE MX
>> hosts 411 are issued by StartCom and 47 by WoSign. So that's
>> just over 20% of observed certificates. While the rate is
>> likely different for the larger SMTP ecosystem (DANE users
>> are bleeding edge, not representative at this time), I expect
>> that these CAs are still quite popular overall.
>>
>> If you're using StartCom/WoSign certs, and rely on them being
>> verified by MUAs and/or peer MTAs, you may want to make
>> contingency plans if Mozilla and perhaps others go through
>> with delisting (or disabling) the related root CAs from
>> their trusted CA bundles.

--
Best Regards,
Sven Schwedas, Systemadministrator
Mail/XMPP sven.schwe...@tao.at | Skype sven.schwedas
TAO Digital | Lendplatz 45 | A8020 Graz
https://www.tao-digital.at | Tel +43 680 301 7167
Re: WoSign/StartCom CA in the news
> On Sep 27, 2016, at 6:31 PM, Giovanni Harting <5...@idlegandalf.com> wrote:
>
> Correct me if I'm wrong, but that document you describe issued by Mozilla and
> others, doesn't it state that it would only affect newly issued certs after a
> certain date?

Yes, quote:

    Taking into account all the issues listed above, Mozilla's CA team has
    lost confidence in the ability of WoSign/StartCom to faithfully and
    competently discharge the functions of a CA. Therefore we propose that,
    starting on a date to be determined in the near future, Mozilla products
    will no longer trust newly-issued certificates issued by either of these
    two CA brands.

    We plan to distrust only newly-issued certificates to try and reduce the
    impact on web users, as both of these CA brands have substantial
    outstanding certificate corpuses. Our proposal is that we determine
    "newly issued" by examining the notBefore date in the certificates. It
    is true that this date is chosen by the CA and therefore WoSign/StartCom
    could back-date certificates to get around this restriction. And there
    is, as we have explained, evidence that they have done this in the past.
    However, many eyes are on the Web PKI and if such additional back-dating
    is discovered (by any means), Mozilla will immediately and permanently
    revoke trust in all WoSign and StartCom roots.

--
Viktor.
Re: WoSign/StartCom CA in the news
Correct me if I'm wrong, but that document you describe issued by Mozilla and others, doesn't it state that it would only affect newly issued certs after a certain date?

On 09/28/16 at 00:29, Viktor Dukhovni wrote:
> WoSign (who seemingly purchased StartCom) seem to have run into
> some compliance issues as reported by Firefox:
>
> http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/
>
> Many SMTP servers are using certs from StartCom. In my DANE
> adoption survey, out of 2201 certificates used by DANE MX
> hosts 411 are issued by StartCom and 47 by WoSign. So that's
> just over 20% of observed certificates. While the rate is
> likely different for the larger SMTP ecosystem (DANE users
> are bleeding edge, not representative at this time), I expect
> that these CAs are still quite popular overall.
>
> If you're using StartCom/WoSign certs, and rely on them being
> verified by MUAs and/or peer MTAs, you may want to make
> contingency plans if Mozilla and perhaps others go through
> with delisting (or disabling) the related root CAs from
> their trusted CA bundles.
WoSign/StartCom CA in the news
WoSign (who seemingly purchased StartCom) seem to have run into some compliance issues as reported by Firefox:

    http://arstechnica.com/security/2016/09/firefox-ready-to-block-certificate-authority-that-threatened-web-security/

Many SMTP servers are using certs from StartCom. In my DANE adoption survey, out of 2201 certificates used by DANE MX hosts 411 are issued by StartCom and 47 by WoSign. So that's just over 20% of observed certificates. While the rate is likely different for the larger SMTP ecosystem (DANE users are bleeding edge, not representative at this time), I expect that these CAs are still quite popular overall.

If you're using StartCom/WoSign certs, and rely on them being verified by MUAs and/or peer MTAs, you may want to make contingency plans if Mozilla and perhaps others go through with delisting (or disabling) the related root CAs from their trusted CA bundles.

--
Viktor.