[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Cryptography] letsencrypt.org

On Wed, 13 Sep 2017 14:18:40 -0400 "Bayuk" <jennifer AT bayuk.com> wrote:
> Has anyone on this list contributed to  https://letsencrypt.org/ -
> and/or otherwise have personal experience, caveats, recommendations
> with respect to the current service or roadmap?

It works. I use it a lot for random sites where I don't care deeply
about the security of the system.

Note my security caveat isn't about the certificates being somehow
less good than other certificates. It is that someone gaining
temporary control of a server for your domain is in a good position to
also get a cert for your domain signed. Of course, absent a system
like Certificate Transparency, or cert pinning, that's the case
anyway, so perhaps I'm being paranoid.

Perry E. Metzger		perry AT piermont.com
The cryptography mailing list
cryptography AT metzdowd.com