A Note from our Executive Director
letsencrypt.org
This letter was originally published in our 2024 Annual Report. The past year at ISRG has been a great one and I couldn’t be more proud of our staff, community, funders, and other partners that made it happen. Let’s Encrypt continues to thrive, serving more websites around the world than ever before with excellent security and stability. Our understanding of what it will take to make more privacy-preserving metrics more mainstream via our Divvi Up project is evolving in important ways.
  • JustinEnglish
    182 days ago

    That’s true, but it would also have to be a serious attack for LE to be down for 3 entire days. There are multiple providers for automated certs, so you could potentially just switch if needed.

    • @sugar_in_your_tea@sh.itjust.worksEnglish
      172 days ago

      The attack would only need to last for a day or two, and then everyone requesting updated certs when it stops could push enough people outside the 6-day window to cause problems. 6 days is probably long enough to not be a huge issue, but it’s getting close to problematic. Maybe change to 15 days, which should avoid the whole issue (people could update once/week and still have a spare week and a day to catch issues).

      • JustinEnglish
        18 hours ago

        Most companies weren’t suited for automatic certs either, but now they are