On 18/07/17 18:34, Watson Ladd wrote:
I understand the logics but, since LURK boxes don’t scale, the
cost to cover your entire footprint for the sporadic cases when
the CA is down might be a bit prohibitive.
CA reliability is not good.
From my own experience, I agree that CA reliability is "not good".
However if I'm using short-term certs with say, a 7 day validity, and
(per draft-ietf-acme-star) the next certificate is issued halfway
through this period, it means that the CA has to to be unavailable for
all of 3.5 days for the failure to affect the delegated site. That's a
lot, even for a CA.
On the other hand the LURK signing box (though managed by the same
organization, which is a clear benefit) needs to be available at the
same level of the delegated site - 99.99% of the time or whatever your
standard is.
Thanks,
Yaron
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls