Comments on the Terms of Service?


#1

What’s the best place to comment on the TOS? Here? Github (couldn’t find it in a repo?)

IAAL, if that helps. :wink:


#3

Didn’t realize there was another forum. Somewhat confusing. :confused:


#4

There is another forum for comments on the Subscriber Agreement? What is it?

My comment:

3.6 Use of Your Certificate
The purpose of Your Certificate is to encrypt Internet communications.

This isn’t really true: certificates don’t encrypt anything, they’re used to authenticate (typically) webservers to clients in order to make sure that encrypted sessions are going to the intended place.


#5

Actually I think this is the very point they’re trying to make. You agree that your certificate does not authenticate you. Since they’ve performed no authentication.


#6

I don’t recall what the other forum was; at any rate, I’ve never gotten a response anywhere.


#7

Hi Luis,

This is probably the best forum for such input. Sorry I missed replying on your initial comment many months ago.

@jimfenton: This is a good point, but my reading of that is: The purpose of the certificate is to enable encrypted communication via the TLS protocol (by authenticating a server). I realize there’s some technical imprecision in the language, but I’m not sure it’s enough to create problems - what do you think?


#8

Jacob,

I’ll leave it up to you whether it’s worth clarifying the language over what I agree is an issue of technical imprecision. Most of the current users of Let’s Encrypt know what role certificates fulfill anyway. Nevertheless, there are enough understandings in the community at large about what certificates actually do, some of it perpetrated on us by the legacy CAs, that I wanted to point it out in hopes we could do better.

As an example, an email I received from a CA the other day:

Subject: “URGENT: <hostname> will be Unsecure in 7 Days”