Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
social.tchncs.de is one of the many independent Mastodon servers you can use to participate in the fediverse.
A friendly server from Germany – which tends to attract techy people, but welcomes everybody. This is one of the oldest Mastodon instances.

Administered by:

Server stats:

3.9K
active users

social.tchncs.de: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.6

Public
Mike Kuketz 🛡

Dieses Jahr wird Let's Encrypt sogenannte »short-lived certificates« einführen - diese habe eine Lifetime/Gültigkeit von nur sechs Tagen. Werdet ihr auf diese umstellen?

letsencrypt.org/2024/12/11/eoy

· 586 people · Closed
letsencrypt.orgA Note from our Executive DirectorThis letter was originally published in our 2024 Annual Report. The past year at ISRG has been a great one and I couldn’t be more proud of our staff, community, funders, and other partners that made it happen. Let’s Encrypt continues to thrive, serving more websites around the world than ever before with excellent security and stability. Our understanding of what it will take to make more privacy-preserving metrics more mainstream via our Divvi Up project is evolving in important ways.
Mike Kuketz 🛡

Zitat: "Our longstanding offering won’t fundamentally change next year, but we are going to introduce a new offering that’s a big shift from anything we’ve done before - short-lived certificates. Specifically, certificates with a lifetime of six days. This is a big upgrade for the security of the TLS ecosystem because it minimizes exposure time during a key compromise event."

Jan 31, 2025, 11:25 AM·Public
1boost·11favorites
Quiet public
Lawrence Pritchard Waterhouse

@kuketzblog Ich hege scharf den Verdacht, dass, wer schon ACME nutzt, den Key meist eh' nur auf der Kiste selbst hat, d.h. wenn der eibe Key da rausgewandert ist, dann ist die Chance hoch, dass dem naechsten dasselbe passiert, ob der nun nach 90 oder nach 6 Tagen getauscht wird. Klar, gibt andere Konstellationen, wo das hilfreich ist (und schaden kann's nur, wenn man Certificate Pinning vergeigt, oder sowas), aber soooo gross ist der Wurf nun nicht...

ExploreLive feeds
About