Happy birthday to Let’s Encrypt !
Huge thanks to everyone involved in making HTTPS available to everyone for free !
You are viewing a single thread.
View all comments 9 points
Just two months ago, a security team member dinged one of our services for using Lets Encrypt, as “it’s not as secure as a traditional CA”.
3 points
13 points
I’d love for them to explain how, if anything the short cert validity and constant re-checking of the domain seems more secure than traditional CAs
6 points
*
I’d also argue that the fact that it’s 100% automated and their software is open source makes it objectively more secure. On the issuing side, there’s no room for human error, social engineering, etc.