[peoplefromibiza]

imagine applying the same medicine to other situations.

- you're two minutes late, your appointment has been canceled

- but I am here for the chemio. I drove 100 miles to be here.

- Get your shit together or fuck off for the sake of everyone else. Nobody cares about all the layers of bureaucracy between you and being on time. That's your fucking problem

[crote]

How about a

- Your doctor let their medical license lapse. They are legally not allowed to practice medicine until they renew it.

or a

- The hospital did not pass its mandatory inspection. We are not allowed to practice medicine here until we redo the inspection and pass it.

?

Renewing certificates isn't exactly rocket science. It's not an oopsie-whoopsie, it is a pretty massive ops failure and should be treated as such.

[peoplefromibiza]

> Your doctor let their medical license lapse. They are legally not allowed to practice medicine until they renew it

medical licenses don't arbitrarily expire every 3 months.

But anyway it's funny that medical licenses expire in some place.

Once a doctor, you're always a doctor, unless you do something wrong with your license and it gets revoked.

An expired license doesn't make your skills useless or you less capable.

If I had a stroke on the streets I would certainly trust a doctor to help me, even if the his license is expired (again, who let medical licenses expire? not even in USSR medical profession was so bureaucratic!)

Who gave the issuer of the certificates and the browser's vendors the right to decide if I can or can't _visit a website_ that has an expired cert?

and what's the matter?

we accept E2E encryption on chats that use TOFU, but we should "fuck off" web sites with an expired cert that hasn't changed, it's not been revoked, is exactly the same as before, providing the same level of security of before?

I don't understand this fixation, unless a lot of people make a lot of money out of this madness.

I mean , we all know that rotating passwords don't improve security, but suddenly making cert expire does?

silly.

> Renewing certificates isn't exactly rocket science

people make mistakes, problems arise, if I need that website now and it's not available because CHROME or FIREFOX or SAFARI chose so, it's a problem for me.

I'm not a baby, I'm an adult.

I can't count how many times that particular piece of information I was looking for was hosted on an old website that's only accessible via HTTP (another thing security zealots don't want you to use) or had an expired certificate.

Let me take my risks and give me a way to disable your bike wheels, I'm not Google's son.

And seriously, the entire f*king HTTPS business cannot rely on a non profit USA org, sponsored by all the usual suspects.

[tremon]

That analogy is a bit off because the certificate problem is on the supplier's side, not the customer's. A more apt analogy would be "no you can't see the doctor today, because their passport expired yesterday".

[oalae5niMiel7qu]

"The doctor is two minutes late, therefore all appointments today have been cancelled."

[dmurray]

"The doctor's malpractice insurance expired yesterday, therefore the doctor cannot risk seeing you today even for this very routine appointment."

[peoplefromibiza]

> The doctor's malpractice insurance expired yesterday

certs are not malpractice insurances though, they simply say that who you say are is who you say you are, which doesn't change when the cert expires.

Ids expire only to remind people to update their personal data and the picture on them.

And to remind the State to do a bit of background check once in a while, but even passports last 10 years.