- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Let’s Encrypt will be reducing the validity period of the certificates we issue. We currently issue certificates valid for 90 days, which will be cut in half to 45 days by 2028.
This change is being made along with the rest of the industry, as required by the CA/Browser Forum Baseline Requirements, which set the technical requirements that we must follow. All publicly-trusted Certificate Authorities like Let’s Encrypt will be making similar changes. Reducing how long certificates are valid for helps improve the security of the internet, by limiting the scope of compromise, and making certificate revocation technologies more efficient.
Is this the same trust that would infect a box in under a minute if not behind a router?
The same trust of needing to scan anything you downloaded for script kiddie grade backdoors?
Zero click ActiveX / js exploits?
Man I’m probably the same age and those are some intense rose colored glasses 😅
Oh, definitely rose-coloured, but I am thinking even before those days… like when access to Usenet was restricted to colleges and universities, dial-up BBSes … and I didn’t use Windows or MacOS at all back then. ActiveX and js didn’t even exist back then. Boot-sector floppy viruses did, but those were easy to guard against.
Ah yeah, those were interesting times. (Although there were some historically interesting viruses back in the day for those floppies too)
Fond memories though. Learning basic on a cartridge… Using literal cassettes for storage. That horrifying sound of a 5" floppy drive struggling to read that file you really needed. Good times.
Generally speaking that was probably what most of us would identify as pre internet times - but usenet / BBS / and early internet and prior definitely was more bright eyed and optimistic. Probably because it was more about learning and tech and less about monotizing every square inch of your existence 😂