Re: Using Commercial SSL/TLS Certificate for debian.org Site
On Wed, Jun 19, 2019 at 12:51 PM Bagas Sanjaya wrote:
> Unlike LE, we (debian.org) have to create Certificate Signing Requests (CSR) which will be sent to those CA.
As a member of the Debian sysadmin team I can tell you that this is
never going to happen. Manually doing TLS is way too much work when
you have hundreds of subdomains and a terrible idea and we will never
go back to doing it.
> EV certificates can be useful for large organizations like Debian.
EV certificates are becoming less useful over time, they are probably
a waste of money now:
https://scotthelme.co.uk/are-ev-certificates-worth-the-paper-theyre-written-on/
> would commercial SSL/TLS make sense for debian.org website?
No.
--
bye,
pabs
https://wiki.debian.org/PaulWise
Reply to: