Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Rich <rich@example.invalid>
Newsgroups: comp.misc
Subject: Re: 6-day TLS certificates from Let's Encrypt
Date: Thu, 12 Dec 2024 00:28:38 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 19
Message-ID: <vjdanm$1potb$1@dont-email.me>
References: <877c85reae.fsf@example.com> <20241212.001223.a7feaecb@mixmin.net>
Injection-Date: Thu, 12 Dec 2024 01:28:39 +0100 (CET)
Injection-Info: dont-email.me; posting-host="2d19d4e4cf6bb3dfcc253127b97402c1";
	logging-data="1893291"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX19667fGB+8YhSpX2LrIkF0a"
User-Agent: tin/2.6.1-20211226 ("Convalmore") (Linux/5.15.139 (x86_64))
Cancel-Lock: sha1:7tzBtsWgpWCB7ijhtKoKt+pyIps=
Bytes: 1810

D <noreply@mixmin.net> wrote:
> On Wed, 11 Dec 2024 20:27:37 -0300, Salvador Mirzo <smirzo@example.com> wrote:
>>Let's Encrypt is planning a 6-day TLS certificate for next year.
>>> Our longstanding offering won't fundamentally change next year, but we
>>> are going to introduce a new offering that's a big shift from anything
>>> we've done before - short-lived certificates. Specifically,
>>> certificates with a lifetime of six days. This is a big upgrade for
>>> the security of the TLS ecosystem because it minimizes exposure time
>>> during a key compromise event.
>>Source: 
>>https://letsencrypt.org/2024/12/11/eoy-letter-2024/
> 
> seems like everyone is using tls . . . is there anyone "not" using it?

Given Chrome's "insecure" branding in the URL bar from the "make 
everything https" push some years back, there are far fewer who are not 
using it.

But six day expiry dates, that just sounds insane.