[kwlug-disc] Let's Encrypt out of beta
Paul Nijjar
paul_nijjar at yahoo.ca
Fri Apr 15 14:59:42 EDT 2016
On Fri, Apr 15, 2016 at 08:24:32AM -0400, Jason Locklin wrote:
>
>
> On 14/04/16 11:06 PM, Paul Nijjar via kwlug-disc wrote:
> > On Thu, Apr 14, 2016 at 08:21:28AM +0000, B.S. via kwlug-disc wrote:
> >> ----- Original Message -----
> > Maybe a better word than "dangerous" is "fragile".
> >
> > None of this is to suggest that I am uninterested in Let's Encrypt. We
> > have not deployed it at work, but I think we will. I will not be
> > trusting in its longevity, however.
>
> I'm curious, Paul, what model you think would be less fragile? Solely
> private-donation funded projects are certainly not more stable, and
> neither are un-funded works done purely out of interest by the
> developer. Directly commercialized projects have pretty much the same
> expected lifespan as FLOSS projects, disappearing all the time.
I agree that private-donation funded projects or unfunded projects are
not stable. In some sense this is the very problem that has plagued
FLOSS since its inception. We are converging on some business models
now, but many of them are gross (SaaS) or unsustainable (give
everything away and hope that money comes in eventually?) or both. I
do not have a complete answer about how to keep FLOSS both robust and
accessible to the commons.
In principle the code is open and available. If there were a bunch of
organizations running their own Boulder server CAs then I would be
less worried. Maybe this is happening, but I do not know what those
other services are. That would be a model that is more robust, in any
case.
Maybe the funding model becomes semi-gross, with different kinds of
certificates being offered at different price levels. My (incomplete)
understanding is that Let's Encrypt cannot issue all the kinds of
certificates that one might want. There may be a paid mechanism to
allow this. If a different organization forked the code and built this
in, that would make the ecosystem as a whole more robust.
> At this point, a FLOSS project, like let's encrypt, with a long list of
> commercial sponsors and private donors and a low overhead is easily as
> trustworthy as any other project or commercial service. Unless there is
> some other piece of information, calling it fragile can't be justified
> as much more than FUD.
I agree that FLOSS is an advantage. I agree that having a long list
of commercial sponsors can be beneficial, PROVIDED that the project
can lose a bunch of their important sponsors (say all their Gold
sponsors?) and still continue operating. I see that the University of
Michigan is involved, which is some comfort. Universities have proven
to be stable hosting platforms for FLOSS (although they are
not stable development platforms, because of grant limitations). So I
do not think that Let's Encrypt is the most fragile infrastructure out
there.
You may be right. Maybe this is FUD. But I think that worrying about
this infrastructure for Let's Encrypt is more important than the
average unsustainable project, because Let's Encrypt is trying to
become a core component of the Web. If Let's Encrypt is successful
then a lot of commercial CAs are going to go out of business. And like
the Software Freedom Conservancy, I do not see CA infrastructure as
being politically neutral.
- Paul
--
http://pnijjar.freeshell.org
More information about the kwlug-disc
mailing list