| HN Mirror

> Your doctor let their medical license lapse. They are legally not allowed to practice medicine until they renew it

medical licenses don't arbitrarily expire every 3 months.

But anyway it's funny that medical licenses expire in some place.

Once a doctor, you're always a doctor, unless you do something wrong with your license and it gets revoked.

An expired license doesn't make your skills useless or you less capable.

If I had a stroke on the streets I would certainly trust a doctor to help me, even if the his license is expired (again, who let medical licenses expire? not even in USSR medical profession was so bureaucratic!)

Who gave the issuer of the certificates and the browser's vendors the right to decide if I can or can't _visit a website_ that has an expired cert?

and what's the matter?

we accept E2E encryption on chats that use TOFU, but we should "fuck off" web sites with an expired cert that hasn't changed, it's not been revoked, is exactly the same as before, providing the same level of security of before?

I don't understand this fixation, unless a lot of people make a lot of money out of this madness.

I mean , we all know that rotating passwords don't improve security, but suddenly making cert expire does?

silly.

> Renewing certificates isn't exactly rocket science

people make mistakes, problems arise, if I need that website now and it's not available because CHROME or FIREFOX or SAFARI chose so, it's a problem for me.

I'm not a baby, I'm an adult.

I can't count how many times that particular piece of information I was looking for was hosted on an old website that's only accessible via HTTP (another thing security zealots don't want you to use) or had an expired certificate.

Let me take my risks and give me a way to disable your bike wheels, I'm not Google's son.

And seriously, the entire f*king HTTPS business cannot rely on a non profit USA org, sponsored by all the usual suspects.