Can confirm as someone who has to renew a non-Let’s Encrypt cert every year (for... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

Tijdreiziger on Sept 23, 2023 | parent | context | favorite | on: 0-days exploited by commercial surveillance vendor...

Can confirm as someone who has to renew a non-Let’s Encrypt cert every year (for reasons). The CA sends an automated email to the email address listed in WHOIS, you click a link in the email, and they issue the certificate. No human interaction necessary.

ComputerGuru on Sept 23, 2023 [–]

EV certs have a slightly more rigorous approach. They’ll call the registered agent for the business as registered/licensed with the state, not the phone number from whois or an email to webmaster@

Tijdreiziger on Sept 23, 2023 | [–]

Yes, I’m just talking about regular DV certificates (the same type you’d get if you just used Let’s Encrypt).

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact