this post was submitted on 17 Apr 2025
197 points (98.0% liked)
Technology
68991 readers
3832 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I have mixed feelings about this.
On one hand, I agree with the technical merits. Having an automated process to renew short lived tls certs is "a good thing" and I think services like Let's Encrypt have demonstrated such automation is viable (at large scale).
But, there are reasons why people pay money for tls Certs rather than use free (short lived) Certs. For example, there's a mom-and-pop webhosting company that allows you to upload your tls Certs (they cost < $25 / year) or you can pay them $95 / year to use their Certs (and they just use Let's Encrypt - lol)
The nearly 4x markup is their "convenience fee" or "dumb tax". Regardless, once the 45 day tls Certs are enforced, I'll have no choice in either paying their 4x markup or migrating to another platform.
... Having a choice is not always a bad thing...