←back to thread

LetsEncrypt – Expiration Notification Service Has Ended

(letsencrypt.org)
181 points zdw | 1 comments | 30 Jun 25 04:49 UTC | HN request time: 0.314s | source
Show context
whatever1 ◴[30 Jun 25 08:51 UTC] No.44420959[source]
Is it the right time to rant about the cert expiration as a concept? I understand why certs might be revoked. But expire?
replies(7): >>44421005 #>>44421014 #>>44421298 #>>44421364 #>>44421391 #>>44421714 #>>44421852 #
1. zarzavat ◴[30 Jun 25 10:55 UTC] No.44421714[source]
Let's say you buy a domain name from someone. Do you really want the previous owner of the domain to own a certificate for your website until the end of time? Sure you can get it revoked but certificate expiration ensures that it will expire even if it doesn't get revoked. That's a vital part of the security model.