[Cryptography] Apple's 13-month certificate policy
John Levine
johnl at taugh.com
Sat Feb 22 20:38:10 EST 2020
In article <20200222235551.GG31888 at funkthat.com>,
>> headaches. I suspect that Apple's move will accelerate the adoption of
>> Let's Encrypt, now that everyone will have to renew more often.
>
>Or at least force other CA's to adaopt the ACME api to issue certs.
ACME works great for Let's Encrypt, but I expect it'll work less great
for CAs that want people to pay. There's no techical problem to take
a payment out of an account when they do a renewal, but I expect it'll
be a business problem to persuade customers either to prepay a balance
or trust some random CA reseller with their credit card info.
On a growing number of devices there is no visible difference between
what you get with a LE cert and what you get with a paid cert, even a
paid EV cert, so it's another nail in the coffin of the CA industry.
--
Regards,
John Levine, johnl at taugh.com, Primary Perpetrator of "The Internet for Dummies",
Please consider the environment before reading this e-mail. https://jl.ly
More information about the cryptography
mailing list