[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Using Commercial SSL/TLS Certificate for debian.org Site

On Wed, 2019-06-19 at 13:05 +0700, Bagas Sanjaya wrote:

> It can be prevented by using wildcard certificates

That is another terrible idea, if that one certificate is compromised
then the attacker can impersonate any subdomain for the entire validity
period. Moving towards individual certs and keys for each site with
short validity periods with automatic renewal is a much better option.

> Why did you say like that?

Since there are no good reasons to do what you suggest.

I won't be responding to this thread any longer.
I request that you stop responding to this thread too.



Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: