Quoting Arnt Karlsen (a...@iaksess.no): > ..meanwhile, I too lean towards Ian's contrarianism: > http://michael.orlitzky.com/articles/lets_not_encrypt.xhtml
I couldn't possibly agree more. Let's Encrypt is a Potemkin Village approach to the SSL cert problem; it's pretend security that pretends as if a broken and unreliable CA infrastructure weren't that. I continue to self-sign only, and if people want to know why they should trust it, I'll say 'Either (a) don't, or (b) verify the hash with me via any of a large variety of out-of-band methods, like any sensible person.' If they counter that they want an automated lock icon on their Web browsers so they are absolved of the need to think, I say 'Sounds like a personal problem.' It makes me sad that this view is deemed 'contrarian'. As a sysadmin, I consider it obvious common sense. -- Cheers, "2020 is pulling out more plot devices than Rick Moen a TV series on the brink of being canceled." r...@linuxmafia.com (Seen on Reddit, Oct. 2, 2020.) McQ! (4x80) _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng