Maximum (and minimum) certificate lifetimes?

I feel like there’s some serious scope creep going on here, negatively affecting the stated purpose of Let’s Encrypt.

We’re talking about a number of different things:

  1. Make everything encrypted, no matter whether the operator has a budget or not.
  2. Make people get into a habit of remembering renewals.
  3. Make software implement graceful restarts.

I’d say that point 3 is well outside of scope for Let’s Encrypt. It’s not LE’s job to make people write better software. Sure, it’d be a nice bonus - but not at the cost of LE’s core goals.

Point 2 also appears like scope creep to me. Making people remember to renew in time through repetition - and it’s very debatable whether this is actually effective to begin with - is a software robustness concern, not a security concern. An expired cert won’t affect security; it will affect availability.

Point 1 is the stated goal of Let’s Encrypt. I interpret “everything” as meaning “as close to 100% as we can get”. In this interpretation, both point 2 and point 3 negatively affect this goal.

Making people switch to software that can gracefully restart sounds great in theory, and I’ve seen a number of economic arguments come by in this thread, but fundamentally it conflicts with the “whether the operator has a budget or not” point. Some people may simply be stuck with the software they’re using, and not be able to switch. This makes them avoid Let’s Encrypt (or SSL/TLS altogether!) which in turn conflicts with point 1.

Trying to make people remember to renew will also scare people away from Let’s Encrypt, because of the increased risk of breakage. When on a budget, they may decide not to do SSL/TLS at all. This, again, conflicts with point 1.

Making people automate everything is not viable either, for the reasons mentioned before - their software of choice may simply not support it, they may not have the time to implement it, they may not be able to do automated renewal because of internal policy reasons. There is no viable “duct-tape solution” of just manually renewing certificates until they manage to automate it, and this will drive people away from LE and possibly SSL/TLS. Again, conflicts with point 1.

I feel that Let’s Encrypt should, first and foremost, focus on their core goal - to make authenticated encryption ubiquitous, no matter budget, technology, or environment. Encouraging people to build more robust software and adopt better habits should, at most, be a secondary concern, to be worked on once the core goal has been accomplished (or is on track to be accomplished).

It is not reasonable to forgo the core goal in favour of these secondary goals. It’s scope creep, and seriously threatens the success of Let’s Encrypt.

10 Likes