Ask HN: what happened to LastPass?

25 points by yuvadam ↗ HN
http://lastpass.com yields:

    An error occurred during a connection to lastpass.com.
    Peer's Certificate has been revoked.
    (Error code: sec_error_revoked_certificate)

10 comments

[ 4.3 ms ] story [ 28.1 ms ] thread
it works fine for me. I see they've updated their website design.
Their certificate has been revoked. Will be interesting to find out why.

EDIT: They have a new cert online now. One which hasn't been revoked. The issuer is the same. The new cert was generated two days ago.

EDIT2: Their old cert. The one which was revoked wasn't due to expire for another 323 days. I wonder if this is a precaution in case they actually were hacked and their private ssl key was compromised. Hopefully they'll explain what happened.

EDIT3: Here's a screen grab of the information Certificate Patrol gave me about their old and new certificates side by side: https://grepular.com/lastpass.png

EDIT4: On twitter they are stating: "As a security precaution we acquired a new security certificate, they revoked our old one a bit too soon. Fixed" - https://twitter.com/lastpass

EDIT5: Their latest tweet: "Our new SSL cert is active, this was a planned security upgrade : In the words of the Hitchiker's Guide to the Galaxy, DON'T PANIC."

Checking out their latest blog post from 4 days ago: http://blog.lastpass.com/2011/05/lastpass-security-notificat... it says:

"Multiple security experts and firms were brought in to help us, we've engaged one firm to do a further source code based review."

I'm guessing one or more of these security experts advised that they should get their certificate revoked and replaced purely as a precaution. The new cert has the same expiry date as the old one.

Your speculation is correct -- we re-keyed the certificate just as a precaution. Rolling a new cert is tough as thousands of people's clocks are wrong, so we thought we'd give it a full day so those people wouldn't receive errors -- we didn't realize the old one would be revoked so quickly (it was automatic with the rekey).
Best practice in this case would be to get your new cert from a new CA, then revoke the old one with the original CA once you've got the new cert in place. Plus, of course, announcing everything in advance. (I'd wait a month or so unless you had specific fear of the old one having been compromised).
Just wondering.. Why use a new CA?
The new CA won't invalidate your old CA's cert. You want to preserve availability of the old CA's cert until the new one is deployed across all your servers.

In practice, SSL (with CA certified keys issued by lame public CAs) is only really protection from passive eavesdropping anyway; there are enough bad or lax CAs out there that you have to assume an attacker can get a key for an arbitrary site, or can steal a site (not protected in an HSM) from almost any site.

There's nothing really wrong with the X509 PKI in the abstract, but it doesn't really work well for real identity on the Internet. Protection from passive attacks is worthwhile, but it's not worth the disruption to your users to push beyond that to try to keep only one key at a time out there.

(comment deleted)