This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] SSL Certificates for ripe anchors
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Michael J. Oghia
mike.oghia at gmail.com
Tue Sep 3 11:00:42 CEST 2019
Hi Robert, all: As a disclaimer, I'm not an engineer/programmer, so I don't know all the technical specifications. However, I am a big advocate for Let's Encrypt, and think it sends a strong message about the service they offer if the RIPE community and NCC endorses them for our networks and infrastructure. So, take my vote with a grain of salt, but I say let's do it (barring any kind of technical issue that I'm simply not aware of). Best, -Michael On Tue, Sep 3, 2019 at 9:58 AM Robert Kisteleki <robert at ripe.net> wrote: > > > Still no one has answered why ripe is using self signed certs for anchor > > when they can use let's encrypt for free... > > TL;DR if the community prefers it we use LE (+TLSA). > > This comes with the expense of some one-time and ongoing operational > work. Considering that anchors don't host any sensitive information, > using self-signed certs (+TLSA) was so far considered good enough. > > Regards, > Robert > > -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/ripe-atlas/attachments/20190903/9f8f108c/attachment.html>
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]