I hope so, but can we really be sure that .se or .de would still work in such a scenario? Is the TLD root management really split up vertically or is the (presumably US-based) TLD parent organization also the final authority for every country TLD?
It would be nice to at least have a very high level contingency plan because in worst case I won't be able to google it.
Yeah, it's a bit far fetched but after Cloudflare CEO basically threatening to cut off Italy I was wondering what would happen if US really invades Greenland.
A simple windows to linux migration is not enough. If certificates expire without a way to refresh you'd either need to manually touch every machine to swap root certificates or have some of other contingency plan.
I'm pretty sure that the .org TLD can be shut off by the US at any point in time.
That’s not relevant though. These CAs will gladly give you a .se/.dk/.in/whatever cert as long as validation passes.
I hope so, but can we really be sure that .se or .de would still work in such a scenario? Is the TLD root management really split up vertically or is the (presumably US-based) TLD parent organization also the final authority for every country TLD?
It would be nice to at least have a very high level contingency plan because in worst case I won't be able to google it.
3 replies →
Lets Encrypt do not control the US president.
You could argue that The Don in charge of the US is in control of letsencrypt
> You could argue that The Don in charge of the US is in control of letsencrypt
He's not in control of letsencrypt or any other US-based CA.
It may not be well known, but Trump's administration loses about 80% of the time when they've been sued by companies, cities and states.
There's much more risk of state-sponsored cyber attacks against US companies.
Yeah, it's a bit far fetched but after Cloudflare CEO basically threatening to cut off Italy I was wondering what would happen if US really invades Greenland.
A simple windows to linux migration is not enough. If certificates expire without a way to refresh you'd either need to manually touch every machine to swap root certificates or have some of other contingency plan.
3 replies →