Google Public CA is down

This usually indicates that the CA was issuing non-compliant certificates and needed to prevent further non-compliance. Will be interesting to watch Bugzilla for the incident report: https://bugzilla.mozilla.org/buglist.cgi?product=CA%20Progra...

The heading above that:

"There is an ongoing incident that will force issuance to be halted."

Feels like they were alerted to some current problem severe enough that "turn it off now" was the right move. Breaking the baseline requirements somehow maybe?

I'm not sure I follow. This outage seems like it occurred for less than 1 day. The post you link to is about having certificates expire after 45 days. What's the connection you see?

You know there’s more than one CA?

Your license to website has been revoked.

Have you had to update microG yet?

For persistent services using the affected ACME API, the window is usually 30 days.

But that didn’t stop Youtube and Youtube TV from going down hard. I imagine they’re provisioning ephemeral VMs or service instances and relying on them being able to get certs immediately, or something like that.

Well one must also argue the opposite. I myself have gained immense knowledge from YouTube. I have learned things like phone screen replacements or phone battery replacements. I call myself a mechanic from the school of YouTube and have saved myself at minimum $10k in repairs doing the work myself. I have learned to make endless food recipes or create things like giant bubbles or slime for my kids. My point is that I bet sure for some YouTube is a massive time sink waste of time. But I also wonder how much it has improved the knowledge, skills and ability of others. My dad often mentions how had he had YouTube when he was younger how much it would have done for him. He talks about having to go to the library and if lucky there was a book that could show you the knowledge you were looking for. He says but now you can find not just the knowledge but for example specific knowledge like car make model and year and how exactly to do job xyz. Ultimately I just can not imagine life without the wealth of knowledge YouTube has given me.

They've begun injecting obnoxious ads into the downloadable mp3s on a lot of podcasts I've found. Hyperlocal ads for tire shops and bakeries.

I don't want to buy tires, I want to learn about ______. The ads don't even make sense because they're irrelevant.

I listen to multi-hour unsponsored content on Youtube almost exclusively.

This comment sponsored by Vivo barefoot. I really do wear them myself. Honest.

I watched a movie, same late night talk show host, something like "welcome night owls".

I "loved" the style but I haven't found any actual radio on the internet of that style or a podcast. Not sure about name of movie but I do remember it being in the last 10-15 years.

I am playing a YouTube video (since the time of this comment) and it has not been interrupted.

Perhaps the same underlying cause, but there's no reason why Google's public CA being temporarily down would bring YouTube down.

I can see all the videos and play the ones in my subscription tab though.

You can watch any YT video by directly following a link or from history/playlist etc. Its just their homepage etc is down

Draining is terminology they use for draining traffic from a service.

google sre speak

Here's a direct link to the latest Veritasium. You're welcome!

https://www.youtube.com/watch?v=cMx139eTxoc

I guess it's good Google hasn't succeeded in forcing people to renew certificates every 8 hours (yet)

In theory 8 hours of downtime should be fine for a CA. Obviously not ideal, but the pki system is not meant to be a live system.

That feeling when you have to suspend production service until the time lock safe can be opened.

The same amount of time it feels like it takes for my google functions to deploy.

Yeah, this could end up as the actual root cause of The Great Oops that I've been raving about for years. And Google probably would be the right company to fuck it up in the worst way possible since Google Knows Best In All Situations.

I was thinking about the time some software influencer said that if you are afraid to deploy on Friday then there's something wrong with you. Eff that! Murphy's Law! (allen holub - https://x.com/allenholub/status/1637111242610610182)

There's at least five free ACME CAs, with failover it doesn't matter all that much if one of them falls over. If all of them fall over at once there's probably a more pressing issue like nuclear holocaust or alien invasion going on.

Oh I am more than happy to tell people how I took down entire Google Cloud 11 years ago. I mean, of course to the level of details Google is comfortable with to share externally :)

I mean, with any sufficiently large project or system it’s rarely super accurate to say one person did something.

OCSP is deprecated and basically dead at this point. Some clients still use it but I don't think many (any?) have actually enforced OCSP for years since it was notoriously fickle anyways.

Interesting. If you go to youtube.com it's all messed up; missing all the videos in the listings. But if you follow a video embedded in another site to youtube, it'll show and play fine. It'll break if you try to browse away from it.

seeing heroku issues here too, had assumed it was salesforce's fault, bc of course they are eventually going to destroy heroku somehow, right?

Correct. It's not youtube, it's themtube.

Isn't that the thing that a bunch of YouTube creators pitch inside their channels along with VPNs and supplements? I would never consider it because the ads rub me the wrong way. Or is it some alternative frontend for YouTube that happens to have a similar sounding name?

I have the domain. If you want you cat videos back, you are going to have to pay me:

ONE MILLION DOLLARS!