Let’s Encrypt has done so much for encouraging the spread of HTTPS and good certificate practices. If they went away, I honestly think a good chunk of the internet would start breaking after ~6 months.
Tailscale is also ridiculously easy to use for this purpose. The serve and Funnel features make secure self hosting really easy from your tailnet (one can easily provision certificates for nodes using Let’s Encrypt from the CLI: https://tailscale.com/blog/reintroducing-serve-funnel
At least there’s some competitors now, which could be used as drop-in replacements if Let’s Encrypt were to disappear.
I suspect the vast majority of certificate authorities will implement the ACME protocol eventually, since the industry as a whole is moving towards certificates with shorter expiry times, meaning that automation will essentially be mandatory unless you like manually updating certs every 90-180 days.
Same. I’ve been thinking about who to donate to this year, and it looks like they’re making the cut. I’ll probably also throw some money at my Lemmy instance and a handful of projects I use, including Tor, because apparently they got caught in the dragnet too.
Relevant to !selfhosted because one of the projects getting funding cut is Let’s Encrypt.
Let’s Encrypt has done so much for encouraging the spread of HTTPS and good certificate practices. If they went away, I honestly think a good chunk of the internet would start breaking after ~6 months.
Less HTTPS = easier government & advertiser data collection
I’m pretty sure browsers don’t even load http sites anymore.
When I spin up a new self hosted service it’s easier to add caddy to the stack than to convince Firefox to load http.
Tailscale is also ridiculously easy to use for this purpose. The serve and Funnel features make secure self hosting really easy from your tailnet (one can easily provision certificates for nodes using Let’s Encrypt from the CLI: https://tailscale.com/blog/reintroducing-serve-funnel
HTTP works fine in Firefox unless you set it to HTTPS only. Even then, you only have to click off a warning to open an HTTP site.
deleted by creator
They load. I have to specify http:// to get it to work though.
I’m sure google will fix that in chrome, like killing adblocker functionality.
At least there’s some competitors now, which could be used as drop-in replacements if Let’s Encrypt were to disappear.
I suspect the vast majority of certificate authorities will implement the ACME protocol eventually, since the industry as a whole is moving towards certificates with shorter expiry times, meaning that automation will essentially be mandatory unless you like manually updating certs every 90-180 days.
It’s okay, Let’s Encrypt only provides SSL certs for… 63.7% of the market?
Okay okay, that is a lot. But what does a CA need funding for anyway? It doesn’t take much bandwidth to send out new certs.
The only thing that could be expensive is if they had to rapidly invalidate thousands of certs to protect the security of the entire internet.
But haha, that’s a pretty outlandish scenario that would never happen.
I’m gonna have to donate then.
Same. I’ve been thinking about who to donate to this year, and it looks like they’re making the cut. I’ll probably also throw some money at my Lemmy instance and a handful of projects I use, including Tor, because apparently they got caught in the dragnet too.
Which other projects caught your attention? I was going to donate to Graphene, EFF and some TOR operators
Far more than I can reasonably support:
But the short list for now is:
And I’ll probably run a Tor relay or something as well.
Every day just gets worse doesn’t it.