Let's Encrypt blog post feedback


#1

I recently wrote a blog post about LE where I shared some notes and collected the most recurring discussions about the project.

I’m genuinely interested in a feedback, in particular to make sure it doesn’t contain any improper quote or reference.

Here’s the post: Things you want to know about Let’s Encrypt

As a personal note, thanks to the Let’s Encrypt team for your hard work, and to the various library/client contributors for providing so much good software and alternatives.


#2

Nice blog :slightly_smiling:

You might want to add some more stuff to the ECDSA part: since https://github.com/letsencrypt/boulder/pull/1298 has been committed, Boulder can be configured to accept CSR’s with ECDSA public keys. The certificate will be signed with the RSA intermediate certificate ofcourse, but it would be possible to use cipher suits such as ECDHE-ECDSA-AES256-GCM-SHA384 in stead of ECDHE-RSA-AES256-GCM-SHA384

BTW, currently, the live Boulder server isn’t accepting ECDSA CSR’s. As soon as the LE guys have a chance to enable it, it should be OK.


#3

Thanks @Osiris, I’ll update the ECC section today. I appreciate your feedback.