ban...@openmailbox.org writes:
> Hi David. Thanks for chiming in. Please add a feature for pinning at
> the key level as IMO it provides the best protection.
We don't have any tools for pinning at all but you can read people's
tips about it on the Let's Encrypt community forum.
> Will the logs p
Hi David. Thanks for chiming in. Please add a feature for pinning at the
key level as IMO it provides the best protection.
Will the logs provide users/site owners with a way to independently
check if coercion has happened?
Would systems like Cothority help Lets Encrypt users notice cert
issu
> We don't know how large the risk of legally-compelled misissuance is,
but we have lots of lawyers who would be excited to fight very hard
against it. I think that makes us a less attractive target than other
CAs that might not find it as objectionable or have as many lawyers
standing by to chall
ban...@openmailbox.org writes:
> How secure is Lets Encrypt compared to a pinned self signed cert?
> Can Lets Encrypt be subverted by NSLs?
You can use pinning with Let's Encrypt certs too. The default client
behavior changes the subject key on every renewal, but I can add a
feature to keep the
How secure is Lets Encrypt compared to a pinned self signed cert? Can
Lets Encrypt be subverted by NSLs?
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
