John Horst, CISSP® — ISSAP®
455 Followers
About
Would you consider revising this advertisement for paid CA’s to include how LE can help to minimize…
15
1

Drew Borell

John Horst, CISSP® — ISSAP®

Jun 24, 2019·1 min read

The shorter lifespan is a net plus for security, but it ends up meaning either more frequent maintenance and its related costs or an automatic renewal system which fosters “fire and forget” complacency… Net negatives which in my opinion outweigh the positives…

Otherwise, you cannot minimize the risk unless you first understand the basis of trust. Making an SSL cert the shiny object (which is what LE is doing) misleads the business community into thinking that encryption is trust-worthy — when it isn’t. The KMS of the CA is the true object of trust.

Now if everyone is piling into the same CA, and at some point in the future the trust in that CA is violated, the consequences will be far more severe than a fragmented paid CA market.

Written by

John Horst, CISSP® — ISSAP®

I am a charter member of the pocket-protector set, but old enough to make fun of them and otherwise have a healthy skepticism of tech. https://goo.gl/2z5Snr

More from John Horst, CISSP® — ISSAP®

I am a charter member of the pocket-protector set, but old enough to make fun of them and otherwise have a healthy skepticism of tech. https://goo.gl/2z5Snr

More From Medium

What hurricanes teach us about the consumers and the economy…

The Hitchhikers Guide to the Impeachment Inquiry

The “One Thing” in Cyber

Why the U.S. Tax System is Unique — And Uniquely Fair

The Link Between the English Civil Wars and Crypto

Ten Observations that an Educated Theist Should Have No Problem Addressing

What We Should Learn from the Equifax Hack

Startups: The Most Important Audience in Cyber

About

Help

Legal

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store