ollybee | 6 months ago

What is obnoxious is that certificate transparency logs mean that you now have to effectively centrally register any new domain you put online. That means you instantly see a whole load of traffic to your domain from bots, scrapers, beg bounty scanners etc. Any new site has to be designed to handle that baseline of traffic.

I understand the point of CTLs and it's necessary given that every browser and device is configured to trust CAs that you wouldn't actually trust. It's had awful side effects for people who want to host low traffic sites, or fly under the radar for whatever reason.

cpach | 6 months ago

Point taken.

One option to avoid this could be to use the DNS-01 challenge to get a wildcard cert from Let’s Encrypt. Then CT will not expose your subdomains.
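
An added example, not part of either comment above: a Python sketch of which names end up in a logged certificate's SAN list when per-host names are replaced by wildcards, including the case a single wildcard does not cover. The hostnames are constructed, the function names are hypothetical, and the registrable domain is assumed to have two labels (no public-suffix handling).

```python
def covers(san, host):
    """True if SAN entry `san` matches `host`; '*' stands for exactly one leftmost label."""
    san, host = san.lower().rstrip("."), host.lower().rstrip(".")
    if not san.startswith("*."):
        return san == host
    suffix = san[1:]                      # e.g. ".example.com"
    if not host.endswith(suffix):
        return False
    left = host[: -len(suffix)]
    return bool(left) and "." not in left


def wildcard_sans(hosts):
    """SAN list covering every host, using a wildcard wherever one applies."""
    sans = set()
    for h in hosts:
        labels = h.lower().rstrip(".").split(".")
        if len(labels) <= 2:              # assumption: apex has two labels
            sans.add(".".join(labels))    # the apex cannot be hidden by a wildcard
        else:
            sans.add("*." + ".".join(labels[1:]))
    return sorted(sans)


def visible_in_ct(sans, hosts):
    """Hosts whose full name appears verbatim in the logged SAN list."""
    listed = {s.lower() for s in sans}
    return sorted(h for h in hosts if h.lower() in listed)


# Constructed sample inventory.
HOSTS = ["example.com", "blog.example.com", "git.example.com",
         "api.staging.example.com"]

if __name__ == "__main__":
    sans = wildcard_sans(HOSTS)
    print("SANs that would be logged:", sans)
    print("full hostnames readable from CT:", visible_in_ct(sans, HOSTS))
    # A nested name needs its own wildcard, which discloses the parent label.
    print("*.example.com covers api.staging.example.com:",
          covers("*.example.com", "api.staging.example.com"))
```

The nested host forces a `*.staging.example.com` entry, so the `staging` label is still logged even though `api`, `blog` and `git` are not.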