top | item 46281708

(no title)

RedShift1 | 2 months ago

I have been saying it since the beginning that we are centralizing all the power of the internet to one organization and that this a bad thing, yet I get downvoted every time. One organization is going to have a say on whether or not you can have a website on the internet, how is this objectively a good thing?

discuss

bruce511|2 months ago

I'll upvote you for at least asking the question. But you get downvoted because your premise is wrong.

There are lots of organizations that support the ACME protocol. LE is the most well known, but there are others, and more on the way.

Existing CAs don't necessarily vanish with this change. They are free to implement ACME (or some proprietary protocol) and they are completely free to keep charging for certificates if they like.

The real result of this change is that processes will change (where they haven't already) improving both customer experience and security.

But to be clear there's no "one organization" in the loop here. You can rest easy on that front.

tssva|2 months ago

Maybe you get downvoted because this isn't centralizing all the power of the internet to one organization rather than being downvoted because people don't have an issue with that.

Dylan16807|2 months ago

The CA/Browser forum has massive power over the web whether you like it or not, because they make the browsers. And make no mistake, it's the browser representatives that are the most aggressive about tighter security and shorter certificate lives.

RedShift1|2 months ago

I have the feeling that this is much more about control than it is about security.