Hacker News new | ask | show | jobs
by pcnix 2627 days ago
This is because the IdenTrust root is expiring though, it's not something LetsEncrypt can do anything about.
2 comments
profmonocle 2627 days ago
They could get a new cross-signed intermediate from a root with broader compatibility.

Though I imagine that's extremely expensive. I expect that has something to do with this decision - they are a non-profit after all.

link
panarky 2627 days ago
> it's not something LetsEncrypt can do anything about

This is going to cause a lot of stuff to break, and it's 100% LE's responsibility.

HN's root cert is valid through 2038.

LE could have gotten cross-signed by a cert that didn't expire so soon, but they didn't.

link
londons_explore 2627 days ago
> LE could have gotten cross-signed by a cert that didn't expire so soon, but they didn't.

And they still could.

link