<div dir="ltr">Dear Anand,<div><br></div><div>As a big supporter of both Let's Encrypt and RIPE Atlas, this is great news! I'm happy to hear this, and appreciate the RIPE NCC's commitment to it. </div><div><br></div><div><div><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><font face="arial, helvetica, sans-serif">Best,<br>-Michael</font><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><br></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Dec 13, 2019 at 11:18 AM Anand Buddhdev <<a href="mailto:anandb@ripe.net">anandb@ripe.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Dear colleagues,<br>
<br>
Some time ago, there was discussion on this list about deploying<br>
Letsencrypt certificates on anchors. We had said we would investigate<br>
the possibility of doing this.<br>
<br>
We are pleased to report that we have worked out how to do this<br>
seamlessly. Early next week, all RIPE Atlas anchors will switch to<br>
Letsencrypt certificates. Note that we will re-use the existing keys on<br>
the anchors to request the Letsencrypt certificates. The TLSA records of<br>
all anchors are pinned to these private keys, and so they will not change.<br>
<br>
Regards,<br>
Anand Buddhdev<br>
RIPE NCC<br>
<br>
</blockquote></div>