from Hacker News

We Issued Our First Six Day Cert

by el_duderino on 2/21/25, 8:33 PM with 7 comments

  • by jart on 2/21/25, 11:50 PM

    Let me guess, next year they become mandatory.

    Next thing you know, they'll find a way to require that your web server link their dynamic shared object.

    Then another year later you'll need a let's encrypt kernel module too.

  • by snailmailman on 2/22/25, 1:40 AM

    90 days has always seemed unnecessarily long to me. I have definitely spun up short-lived pages on subdomains that end up getting a cert that outlives the site itself.

    I am concerned at how the cert transparency logs will handle this. That’s going to be a lot of certs getting logged globally if everyone switches to shorter lifetimes.