this post was submitted on 18 Nov 2024
921 points (99.6% liked)

Technology

59466 readers
3522 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
L3s@lemmy.world
L3s@fry.gs
L4s@fry.gs
L4s@lemmy.world
enu@lemmy.world
921
Let's Encrypt is 10 years old today ! (letsencrypt.org)
submitted 1 day ago by pcouy@lemmy.pierre-couy.fr to c/technology@lemmy.world
78 comments fedilink hide all child comments
 

Happy birthday to Let's Encrypt !

Huge thanks to everyone involved in making HTTPS available to everyone for free !

you are viewing a single comment's thread
view the rest of the comments
[–] digdilem@lemmy.ml 2 points 4 hours ago

It won't be that simple.

For starters, you're assuming t-zero response. It'll likely be a week before people worry enough that LE isn't returning before they act. Then they have to find someone else for, possibly, the hundreds or thousands of certs they are responsible for. Set up processes with them. Hope that this new provide is able to cope with the massive, MASSIVE surge in demand without falling over themselves.

And that's assuming your company knows all its certs. That they haven't changed staff and lost knowledge, or outsourced IT (in which case they provider is likely staggering under the weight of all their clients demanding instant attention) and all that goes with that. Automation is actually bad in this situation because people tend to forget how stuff was done until it breaks. It's very likely that many certs will simply expire because they were forgotten about and the first thing some companies knows is when customers start complaining.

LetsEncrypt is genuinely brilliant, but we've all added a massive single point of failure into our systems by adopting it.

(Yeah, I've written a few disaster plans in my time. Why do you ask?)