|
|
|
|
|
|
by bawolff
1598 days ago
|
|
|
Kind of an incoherent rant. Half of it is about not wanting to pay $$$ for certs, which is really irrelevant if the question is why not use lets encrypt,not why not use some other service. The author also seems to be arguing at the same time that the webpki threat model is both too strict and not strict enough, which doesn't make for the most compelling argument (pick a side). The only reason given for not wanting let's encrypt is that its usa based, and the author doesn't trust the us government. However the author totally ignores the primary control against that - namely certificate transparency, and the idea that even if us government has this capability (big if) they can only use it once and you're probably not valuable enough. |
|
|