Hacker News new | past | comments | ask | show | jobs | submit login

I love how the entire free PKI ecosystem is now relying on one single company.



It’s not. There’s LetsEncrypt, ZeroSSL, BuyPass, SSL.com, and Google Trust Services[0]. The ACME protocol is standardized and you can point your client at any of these at any time, and other providers can begin providing certificates at any time. Some tooling[1] even uses other providers by default.

[0] https://acmeclients.com/certificate-authorities/ [1] https://github.com/acmesh-official/acme.sh/wiki/Change-defau...




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: