Happy birthday to Let’s Encrypt !

Huge thanks to everyone involved in making HTTPS available to everyone for free !

  • jj4211@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    2 days ago

    Just two months ago, a security team member dinged one of our services for using Lets Encrypt, as “it’s not as secure as a traditional CA”.

    • bfg9k@lemmy.world
      link
      fedilink
      English
      arrow-up
      14
      ·
      2 days ago

      I’d love for them to explain how, if anything the short cert validity and constant re-checking of the domain seems more secure than traditional CAs

      • dan@upvote.au
        link
        fedilink
        English
        arrow-up
        7
        ·
        edit-2
        2 days ago

        I’d also argue that the fact that it’s 100% automated and their software is open source makes it objectively more secure. On the issuing side, there’s no room for human error, social engineering, etc.

    • EnderMB@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 days ago

      It’s sad that these arguments are still being shared. It was the same arguments years ago from people that would just assume that a free cert was inherently unsafe.