←back to thread

LetsEncrypt – Expiration Notification Service Has Ended

(letsencrypt.org)
181 points zdw | 7 comments | 30 Jun 25 04:49 UTC | HN request time: 1.019s | source | bottom
Show context
wordofx[dead post] ◴[30 Jun 25 07:41 UTC] No.44420535[source]
[flagged]
1. gleenn ◴[30 Jun 25 08:28 UTC] No.44420820[source]
Sending single custom emails is much more effort than bulk-mailing a huge list operationally. Sending bulk can be accomplished by uploading a csv of emails to some enail bulk sender versus code to run at the correct time for the correct user... way easier in bulk and way cheaper
replies(2): >>44420845 #>>44421262 #
2. Y_Y ◴[30 Jun 25 08:32 UTC] No.44420845[source]
Is it truly much more difficult? At worst you could batch them by week and registered email, a one-liner can generate the list of destinations, and then you send that to your newsletter-sender-service and call the email "your cert is expiring next week".
replies(2): >>44420930 #>>44421142 #
3. leakycap ◴[30 Jun 25 08:46 UTC] No.44420930[source]
It is easy to think something like this is easy until you attempt to do it.

Are you really questioning a free SSL Certificate system when it says something is too complex and not worth it?

If you ever set up a free SSL before LetsEncrypt, you'd know they're amazing and you can trust them not to lie to you, especially about this where they've outlined the reasons clearly.

4. szszrk ◴[30 Jun 25 09:17 UTC] No.44421142[source]
Of course it's more difficult.

You are talking of a volume of around 600 000 000 domains (based on a plot on their website) that try to renew at best after 8 weeks. And that's just default profile, there are 160h certs profiles now [0].

You think they will ever send nearly as much as (at least) 75 million newsletter mails weekly? Sendgrid's highest value in their pricing slider is 1,25 mil a week.

- [0] https://letsencrypt.org/docs/profiles/

5. wordofx ◴[30 Jun 25 09:37 UTC] No.44421262[source]
It has nothing to do with complexity.

> Providing expiration notification emails means that we have to _retain millions of email addresses_ connected to issuance records. As an organization that _values privacy_, removing this requirement is important to us.

A mailing list. Is still retaining emails somewhere. Doesn’t matter if it’s stored in a text file on a usb drive in a vault. It’s still retaining an email list.

replies(1): >>44422109 #
6. nulbyte ◴[30 Jun 25 11:46 UTC] No.44422109[source]
I think the key part is what you didn't emphasize: "connected with issuance records." A list of email addresses is just a list of email addresses. A list of email addresses with domains over which the recipient has control is far more interesting data.
replies(1): >>44427067 #
7. wordofx ◴[30 Jun 25 19:42 UTC] No.44427067{3}[source]
Irrelevant.