Hacker News new | ask | show | jobs
by bawolff 126 days ago
In theory 8 hours of downtime should be fine for a CA. Obviously not ideal, but the pki system is not meant to be a live system.
1 comments
SchemaLoad 126 days ago
Fairly sure it used to be pretty much a manual process where someone had to actually process your request for a certificate on the other side.
link
Ayesh 126 days ago
Yes, and it's not that long ago, or I aged really quickly.

For code signing certificates and EV certificates, (and OV certificates, if they are even alive), this is still the case.

link
SchemaLoad 124 days ago
It's been 11 years now since Lets Encrypt started with automated certs. EV certs I think died a long time ago.
link