/top/
/new/
/best/
/ask/
/show/
/job/
^
slacker news
login
about
←back to thread
LetsEncrypt – Expiration Notification Service Has Ended
(letsencrypt.org)
181 points
zdw
| 2 comments |
30 Jun 25 04:49 UTC
|
HN request time: 0s
|
source
Show context
whatever1
◴[
30 Jun 25 08:51 UTC
]
No.
44420959
[source]
▶
>>44419496 (OP)
#
Is it the right time to rant about the cert expiration as a concept? I understand why certs might be revoked. But expire?
replies(7):
>>44421005
#
>>44421014
#
>>44421298
#
>>44421364
#
>>44421391
#
>>44421714
#
>>44421852
#
em-bee
◴[
30 Jun 25 09:44 UTC
]
No.
44421298
[source]
▶
>>44420959
#
revoking certs does not work. it is so bad that the end result is that by 2029 certificates will not be allowed to be valid longer than 47 days:
https://news.ycombinator.com/item?id=43693900
replies(1):
>>44421718
#
layer8
◴[
30 Jun 25 10:55 UTC
]
No.
44421718
[source]
▶
>>44421298
#
TLS server certificates, that is. It’s perfectly fine for other uses of certificates.
replies(1):
>>44423068
#
1.
em-bee
◴[
30 Jun 25 13:30 UTC
]
No.
44423068
[source]
▶
>>44421718
#
true, but i would guess that revoking certificates doesn't work in general, so this would apply to any situation where revoking is necessary.
replies(1):
>>44425479
#
ID:
GO
2.
layer8
◴[
30 Jun 25 16:56 UTC
]
No.
44425479
[source]
▶
>>44423068 (TP)
#
That guess is incorrect. Revocations are routine in PKI-based electronic signatures and authentication, and do work there.
↑