[Cryptography] Government shutdown: TLS certificates not renewed, many websites are down
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Fri Jan 11 20:14:46 EST 2019
John Levine <johnl at iecc.com> writes:
>But now explain that to my generic non-technical user, my perfectly smart 82
>year old mother-in-law. I think I could get as far as "it's probably OK if
>it was OK last week and nothing else has changed", but there's no way she's
>going to be squinting at cert internals.
And that was my point, this isn't something the user should have to deal with,
the browsers should apply graceful degradation for them. They bend over
backwards to accommodate every imaginable type of brokenness on the web, but
the one thing they don't deal with is some site admin paying their CA tithe a
few weeks late.
Peter.
More information about the cryptography
mailing list