[atlas] SSL Certificates for ripe anchors
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Michael J. Oghia
mike.oghia at gmail.com
Tue Sep 3 11:00:42 CEST 2019
Hi Robert, all: As a disclaimer, I'm not an engineer/programmer, so I don't know all the technical specifications. However, I am a big advocate for Let's Encrypt, and think it sends a strong message about the service they offer if the RIPE community and NCC endorses them for our networks and infrastructure. So, take my vote with a grain of salt, but I say let's do it (barring any kind of technical issue that I'm simply not aware of). Best, -Michael On Tue, Sep 3, 2019 at 9:58 AM Robert Kisteleki <robert at ripe.net> wrote: > > > Still no one has answered why ripe is using self signed certs for anchor > > when they can use let's encrypt for free... > > TL;DR if the community prefers it we use LE (+TLSA). > > This comes with the expense of some one-time and ongoing operational > work. Considering that anchors don't host any sensitive information, > using self-signed certs (+TLSA) was so far considered good enough. > > Regards, > Robert > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/ripe-atlas/attachments/20190903/9f8f108c/attachment.html>
- Previous message (by thread): [atlas] SSL Certificates for ripe anchors
- Next message (by thread): [atlas] SSL Certificates for ripe anchors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]