by akerl_ 4097 days ago
Even in a world where Let's Encrypt exists and actually provides free certs, I don't want a world where they become the SPOF for all certs, and I can't even imagine that they want that world.

Insofar as I can guess the end-game, it seems like they want to offer free certs so that providers like EuroDNS do exactly this. That way we have lots of providers offering free certs and competing on features and security rather than cost.

2 comments

> Even in a world where Let's Encrypt exists and actually provides free certs, I don't want a world where they become the SPOF for all certs, and I can't even imagine that they want that world.

Considering that Let's Encrypt seems to be planning to release all their software as Open Source, it seems like anyone willing to go through the time-consuming and expensive audit process could become a provider using similar infrastructure.

In particular, Let's Encrypt isn't just about the free certificates, it's about having automatic renewal and easy setup. Automatic renewal in particular is something I haven't seen from any other provider; I don't know any CAs that even have an API. I'd like to see that become a minimum expectation from all CAs.

I wonder sometimes why Amazon doesn't offer a CA as part of the AWS family of services, with an API for creating new certificates.

If renewal is automatic, there's also little reason not to make the expiry date really short.