Fritz Adalis on Nostr: nprofile1q…03nsk I'm all for this. So many companies I've seen will get a 2 year ...
nprofile1qy2hwumn8ghj7un9d3shjtnddaehgu3wwp6kyqpqh0dld9ztskh70gyk4waknsd26fmhpjvfsxzksatpjmaka00syqaqx03nsk (nprofile…3nsk)
I'm all for this. So many companies I've seen will get a 2 year star cert, email it around unencrypted, leave it on filesystems, and install it pretty much everywhere. Then it expires and it's a circus trying to figure out how to update them.
With a 6 (or 42) day cert you _will_ be automating it.
Also, certificate authorities have proven over and over that they won't mass revoke certs when they're caught being sloppy.
I'm all for this. So many companies I've seen will get a 2 year star cert, email it around unencrypted, leave it on filesystems, and install it pretty much everywhere. Then it expires and it's a circus trying to figure out how to update them.
With a 6 (or 42) day cert you _will_ be automating it.
Also, certificate authorities have proven over and over that they won't mass revoke certs when they're caught being sloppy.