[Cryptography] Why Alexander Hanff won't be using "Let's Encrypt"

Ray Dillinger bear at sonic.net
Wed Dec 3 12:21:16 EST 2014

On 12/03/2014 07:09 AM, Henry Baker wrote:

> 'It is an insane strategy by all parties involved - it removes all
> confidence in TLS certificates as far as I am concerned and I will
> absolutely not be using the service and have to strongly recommend
> others refrain from doing so as well.'

Honestly?  I think that may be a good thing.  TLS certificates
are not a good security solution; I think people need to not
be confident in them.

In fact, if there are any well-meaning extremists on the project,
(and there are) that may have been the whole point of the Let's
Encrypt project in the first place.  While people still believe
in TLS there is no possibility of progress in security because
everyone just points at TLS and thinks it's taken care of.  If
you wanna build anything better, and something is in the way, it
has to be destroyed.

Public (over)confidence in TLS was in the way.  Let's Encrypt
is the easiest way to destroy it.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20141203/27d60eb4/attachment.sig>

More information about the cryptography mailing list