Any thoughts on the ramifications of the proposal to change the lifetime of SSL Certificates from 90 days to 6 days?
Will it affect workflows? What security adjustments are going to be needed? Does it require changes to administration?
Any thoughts on the ramifications of the proposal to change the lifetime of SSL Certificates from 90 days to 6 days?
Will it affect workflows? What security adjustments are going to be needed? Does it require changes to administration?
From the Let's Encrypt Executive Director's note: Our longstanding offering won’t fundamentally change next year, but we are going to introduce a new offering that’s a big shift from anything we’ve done before - short-lived certificates.
So it seems that the short-lived certificates are an option, but not required.
So the question is does the shorter lifetime solve a problem for us.
If you already fully automate the renewal process, the switch should be easy.
This is a pertinent question. What is the problem that Let's Encrypt is solving.
Ideally, yes. They say that 90 day certificates will continue to be available but will the users on the free tier get to choose? I guess we'll have to wait until they provide more details.