this post was submitted on 18 Nov 2024
950 points (99.6% liked)
Technology
59495 readers
3081 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Can anyone fill me on this? Why is it so significant?
HTTPS certs used to be very expensive and technically complicated, making it out of reach for most smaller orgs. Let's Encrypt brought easy mass adoption and changed encryption availability on the web for everyone.
They also made it a open protocol (the ACME protocol), so now there's a bunch of certificate providers that implement the same protocol and thus can work with the same client apps (Certbot, acme.sh, etc). I know Sectigo and GoDaddy support ACME at least. So even if you don't use Let's Encrypt, you can still benefit from their work.
It is the free, easy way to get an SSL cert (plus automated renewals). Without it, maybe HTTPS wouldn't have been so omnipresent.
And it shouldn't have been, SSL PKI is an intentionally rigged architecture. It's intended for nation-states to be able to abuse it.
I'd like much more some kind of overlay encryption over HTTP based on web of trust and what not. Like those distributed imageboards people were trying to make with steganography in emotion.
It's a trap. Everybody is already in it and it has already been activated, so - the discussion would be of historical interest only.