Not the Onion

3020 readers

22 users here now

For true stories that are so ridiculous, that you could have sworn it was an !theonion worthy story.

founded 3 years ago

MODERATORS

FracturedPelvis@lemmy.ml

Let's Encrypt bans certificate usage by residents of US-sanctioned countries [pdf] (letsencrypt.org)

submitted 2 weeks ago by cypherpunks@lemmy.ml to c/nottheonion@lemmy.ml

11 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] umbrella@lemmy.ml 9 points 2 weeks ago (1 children)

yup. i've used their services, but there is no point if they can sanction what probably amounts to half the world off of it.

[–] cypherpunks@lemmy.ml 6 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

I don't follow how a useful thing becomes "useless" or "no point" just because millions of people are unjustly denied access to it.

Fwiw Let's Encrypt was just the first but isn't actually the only free ACME provider anymore; acme.sh has a list of other providers in its readme and there is another list here. Actalis is Italian apparently; unfortunately I think the rest might be ultimately US-based (ZeroSSL says it's Austrian but it's owned by a US company).

It would be nice if some more independent country (eg, China) who already has one or more CAs trusted by all major browsers would step up and start offering free certs to the world.

It's worth noting that HTTPS is needed not only for its confidentiality and authenticity properties, but also is required by browsers for pages to be allowed to use modern features like WebRTC (needed to have a voice or video call from a web page).

[–] chicken@lemmy.dbzer0.com 3 points 2 weeks ago

Building infrastructure around something so vulnerable to be abused that way contributes to the problem.