Once again Let’s Encrypt and it’s incredible staff have raised the “security bar” a bit higher. And this move has is being acknowledged in “security circles” worldwide.
The latest Feisty Duck Newsletter published:
Let’s Encrypt started enabling multiperspective validation, meaning that domain validation will be checked from multiple, internationally distributed points of the internet. Multiperspective validation has been developed as a defense against BGP hijacking and other network layer attacks against domain validation.
I think this was announced by Let’s Encrypt Engineer @CPU earlier this year before his retirement announcement.
Thanks @cpu for your contributions. I for one will miss your presence here.
Also the newsletter points out that:
One-Year Certificate Lifetimes are Coming
During a recent meeting of the CA/Browser Forum, Apple announced that its Safari browser will not accept certificates with a lifetime of more than 398 days starting in September of this year. With this announcement, Apple moves ahead with the shorter certificate lifetimes that multiple browsers have wanted for a while.
Shorter certificate lifetimes were championed by Let’s Encrypt and now the Internet follows!
Thanks @staff for what you do for the betterment and security of all the rest of us.