[Cryptography] letsencrypt.org
John-Mark Gurney
jmg at funkthat.com
Fri Sep 15 20:39:07 EDT 2017
Jason Cooper wrote this message on Wed, Sep 13, 2017 at 21:44 +0000:
> On Wed, Sep 13, 2017 at 02:18:40PM -0400, Bayuk wrote:
> > Has anyone on this list contributed to https://letsencrypt.org/ - and/or
> > otherwise have personal experience, caveats, recommendations with respect to
> > the current service or roadmap?
>
> It's extremely useful, with the caveat that certificates are only valid
> for 90 days (by design), and require admin privileges to install.
BTW, IMO, even 90 days is too long. Moving to automation means that
short time frames aren't a problem, and shorter time frames means that
for all the devices that don't handle revokation won't trust the cert
as long.
Made sense years ago, not any more...
--
John-Mark Gurney Voice: +1 415 225 5579
"All that I will do, has been done, All that I have, has not."
More information about the cryptography
mailing list