Happy birthday to Let’s Encrypt !

Huge thanks to everyone involved in making HTTPS available to everyone for free !

  • jj4211@lemmy.world
    link
    fedilink
    English
    arrow-up
    6
    ·
    22 hours ago

    Just two months ago, a security team member dinged one of our services for using Lets Encrypt, as “it’s not as secure as a traditional CA”.

    • bfg9k@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      19 hours ago

      I’d love for them to explain how, if anything the short cert validity and constant re-checking of the domain seems more secure than traditional CAs

      • danA
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        5 hours ago

        I’d also argue that the fact that it’s 100% automated and their software is open source makes it objectively more secure. On the issuing side, there’s no room for human error, social engineering, etc.

    • EnderMB@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      18 hours ago

      It’s sad that these arguments are still being shared. It was the same arguments years ago from people that would just assume that a free cert was inherently unsafe.