Let’s Encrypt Updates Its Trust Chain: What You Need to Know
Written on
Understanding Let’s Encrypt's Transition
Since its launch, Let’s Encrypt has relied on the DST Root CA X3 intermediate certificate from IdenTrust, which made it widely recognized and operational across numerous devices.
However, with the expiration of the original certificate in 2021, a new certificate was issued to maintain compatibility with older devices, particularly Android. The ISRG Root X1 certificate has since gained broad acceptance and support across various platforms. Android compatibility has significantly improved, soaring from 66% to 93.9% in three years, with further growth anticipated especially with Android 14, which allows root certificate updates outside regular system updates.
Let’s Encrypt has declared its intention to shorten the chain of trust, which will lead to a reduction of over 40% in data transferred during TLS communications, thereby lowering operational costs.
Video Description: A warning about the implications of using Let’s Encrypt certificates and the changes coming on February 8, 2024.
Transition Timeline
The transition will officially begin on February 8, 2024, when Let’s Encrypt will cease using cross-signatures for new certificates by default. Clients needing backward compatibility can request a new certificate with the old chain until June 6, 2024. After this date, there will be a 90-day grace period for certificates issued under the old method, culminating in the expiration of the current cross-signed certificate on September 30, 2024. This will mark Let’s Encrypt’s permanent disconnection from IdenTrust.
Users on Android 7.0 and earlier may face challenges and are encouraged to switch to the Firefox browser, which uses its own independent root certificate store.
The Importance of Root Certificates
Every public Certificate Authority (CA) must maintain at least one root certificate recognized by browsers and operating systems. This root certificate serves as a trust anchor, enabling users to validate that a certificate from a website is issued by a trusted authority. Root certificates typically have long lifespans, necessitating robust protection of their private keys.
To manage this, authorities issue intermediate certificates based on the root certificate, which have shorter lifetimes and can be replaced as needed. Over the past five years, Let’s Encrypt has utilized the ISRG Root X1, which is valid until 2035 and features a 4096-bit RSA key.
Video Description: A guide to handling Cloudflare's email regarding Let's Encrypt certificate chain changes and what it means for users.
Intermediate Certificate Evolution
Let’s Encrypt has generated several intermediate certificates over the years, including X1, X2, X3, and X4, all of which have cross-signatures with the IdenTrust root certificate. The introduction of two new intermediate certificates, R3 and R4, with 2048-bit RSA keys is on the horizon, serving as full replacements for the expiring X3 and X4 certificates.
The organization plans to begin issuing R3 certificates towards the end of this year, with no expected disruption for users.
Innovative ECDSA Approaches
A significant change is the introduction of the ISRG Root X2 certificate, which employs ECDSA P-384 keys instead of RSA, valid until 2040. This leads to the creation of two new intermediate certificates, E1 and E2, which will not cross-sign with IdenTrust’s DST Root CA X3 but will be signed by ISRG Root X1.
The ECDSA algorithm provides several advantages, including smaller keys for equivalent security and reduced energy consumption, leading to more efficient connections.
Efficiency Gains
When establishing HTTPS connections, the TLS handshake necessitates the transmission of the server's end certificate and its associated intermediate certificates. The use of ECDSA keys can significantly decrease the amount of data transferred, yielding savings of about 400 bytes per certificate. This efficiency translates into lower bandwidth costs for service providers and faster loading times for users.
Further optimizations include shortening the Subject Common Name of the authority from “Let’s Encrypt Authority X3” to just “R3”, while still retaining essential organizational information.
Conclusion: Embracing Change
The transition to a more efficient certificate structure is crucial as the digital landscape evolves. Let’s Encrypt's commitment to automation extends to the creation of root and intermediate certificates, minimizing human intervention in these processes.
The authority has been transparent about these updates, providing ample information through community channels. As we approach these changes, users are encouraged to stay informed and adapt as necessary.
Thank you for reading! If you found this article helpful, please consider liking and commenting. For more insights, follow me! Your support is appreciated.