Hacker News new | past | comments | ask | show | jobs | submit login

It would be nice if one didn't need to be a TLS expert to understand the post -- particularly since the whole point of Let's Encrypt was to democratize TLS access.

I have no idea if this means my setup will break even after consulting the docs of my ACME client.

Can I still use ACME Tiny[1] with nginx? Any reason to think that will break? How can I tell if I'm using OCSP or CRL?

Totally incomprehensible blog post.

[1] https://github.com/diafygi/acme-tiny




For regular webserver users, accessed by web browsers, no changes are needed.

Note this is probably at least a year, if not more, away.

I'm sorry this post wasn't accessible enough, and we'll have more communications in the coming years as this gets closer.

(I work at Let's Encrypt and proofread this post before publishing)


Nothing will change for you, and nothing will break. The point of this post is to give a maximum-lead-time heads-up to the folks who _do_ need to care (the folks writing revocation-checking code in clients) so that later, more specific announcements don't come as a surprise.




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: