[HacktionLab] FYI: Free certificate authority
ekes
ekes at aktivix.org
Fri Nov 21 09:17:52 UTC 2014
On 21/11/14 10:06, Christian Wach wrote:
> On 20 Nov 2014, at 19:52, Charlie Harvey <charlie at newint.org> wrote:
>
>> Saw this and thought of the hacktionlab:
>> https://www.schneier.com/blog/archives/2014/11/a_new_free_ca.html
>>
>> "Announcing Let's Encrypt, a new free certificate authority. This is a
>> joint project of EFF, Mozilla, Cisco, Akamai, and the University of
>> Michigan."
>
> What do you think of this counter-argument?
>
> <https://www.linkedin.com/today/post/article/20141120073425-26662417-why-i-won-t-be-using-let-s-encrypt-and-recommend-other-not-to-also>
tl;dr X.509 is broken so we shouldn't dirty ourselves by lending it any
more credence. To encourage people use it gives them a false sense of
security.
Maximalist position that doesn't give people the, actually real, layer
of protection they could get now; and working for an alternative doesn't
negate getting more people to use the agreed standard at the moment.
ekes
More information about the HacktionLab
mailing list