Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Conversation

Notices

Embed this notice
Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 03:17:01 JST Aral Balkan
- Let's Encrypt
- European Commission
“Let’s Encrypt received around $800,000 in funding from the OTF”
Dear @EUCommission, get your heads out of your arses and let’s find @letsencrypt €1M/year (a rounding error in EU finances) and have them move to the EU.
If Let’s Encrypt is fucked, the web is fucked, and the Small Web is fucked too. So how about we don’t let that happen, yeah?
(In the meanwhile, if the Let’s Encrypt folks want to make a point about how essential they are, it might be an idea to refuse certificates to republican politicians. See how they like their donation systems breaking in real time…)
CC @nlnet @NGIZero@mastodon.xyz
#USA #fascism #OpenTechFund #LetsEncrypt #SSL #TLS #encryption #EU #web #tech #SmallWeb #SmallTech https://mastodon.social/@publictorsten/114223873439053263
In conversation about 2 months ago from mastodon.ar.al permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  publictorsten (@publictorsten@mastodon.social)
  
  from publictorsten
  
  Wenn Let’s Encrypt plötzlich nicht mehr klappt, wird das halbe Internet aus Zertifikatsfehlern bestehen. https://www.heise.de/news/Nach-Trump-Dekret-Kampf-um-US-Foerdermittel-fuer-Tor-F-Droid-und-Let-s-Encrypt-10328226.html
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 03:23:02 JST Aral Balkan
  in reply to
  @a @EUCommission @letsencrypt @nlnet None of that is insurmountable or even hard. Could be done in a week if the political will was there. It’s such a low hanging fruit.
  
  In conversation about 2 months ago permalink
- Embed this notice
  Alexandre Dulaunoy (a@paperbay.org)'s status on Wednesday, 26-Mar-2025 03:23:03 JST Alexandre Dulaunoy
  in reply to
  - Let's Encrypt
  - European Commission
  @aral
  The main problem is the bureaucracy associated for this. Another issue is the ownership control of the organisation (DEP Cybersecurity), the organisation needs to be controlled by EU citizen and located in EU.
  @EUCommission @letsencrypt @nlnet
  
  In conversation about 2 months ago permalink
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 03:33:51 JST Aral Balkan
  in reply to
  @AlesandroOrtiz @EUCommission @letsencrypt @nlnet I’d rather we (the EU, via our taxpayer money) had more of a role than Google for reasons I don’t believe I have to restate in 2025.
  
  In conversation about 2 months ago permalink
- Embed this notice
  Alesandro Ortiz 🇵🇷🏳️‍🌈 (alesandroortiz@infosec.exchange)'s status on Wednesday, 26-Mar-2025 03:33:52 JST Alesandro Ortiz 🇵🇷🏳️‍🌈
  in reply to
  - Let's Encrypt
  - European Commission
  @aral @EUCommission @letsencrypt @nlnet Google and other large tech companies can also make up the difference, assuming they're funding it already. If not, they certainly should.
  
  In conversation about 2 months ago permalink
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 03:39:12 JST Aral Balkan
  in reply to
  @TheDutchChief @EUCommission @letsencrypt @nlnet Thank you, but you shouldn’t have to. You pay your taxes? That should be enough. This should be public infrastructure.
  
  In conversation about 2 months ago permalink
- Embed this notice
  Jeroen van Tol 🍋 (thedutchchief@mstdn.social)'s status on Wednesday, 26-Mar-2025 03:39:13 JST Jeroen van Tol 🍋
  in reply to
  - Let's Encrypt
  - European Commission
  @aral @EUCommission @letsencrypt @nlnet I'm happy to donate.
  
  In conversation about 2 months ago permalink
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 03:42:19 JST Aral Balkan
  in reply to
  - BenBen
  - Sovereign Tech Agency
  @BenBen @sovtechfund Thanks :)
  
  In conversation about 2 months ago permalink
- Embed this notice
  BenBen (benben@chaos.social)'s status on Wednesday, 26-Mar-2025 03:42:20 JST BenBen
  in reply to
  - Sovereign Tech Agency
  @aral cc @sovtechfund
  
  In conversation about 2 months ago permalink
- Embed this notice
  Tom (tdelmas@mamot.fr)'s status on Wednesday, 26-Mar-2025 03:55:03 JST Tom
  in reply to
  
  @aral Or let's use the protocol they created - ACME - to create more independent CA, EU-based ! https://github.com/tdelmas/Let-s-Clone
  In conversation about 2 months ago permalink
  Attachments
  1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
    
    GitHub - tdelmas/Let-s-Clone: How to spread Certificates Authorities like Let's Encrypt
    
    How to spread Certificates Authorities like Let's Encrypt - tdelmas/Let-s-Clone
  Aral Balkan repeated this.
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 03:55:54 JST Aral Balkan
  in reply to
  - Tom
  @tdelmas Nice + yep, we could have an EU-based provider and regulate so that browsers must accept them.
  
  In conversation about 2 months ago permalink
- Embed this notice
  Tom (tdelmas@mamot.fr)'s status on Wednesday, 26-Mar-2025 04:01:41 JST Tom
  in reply to
  
  @aral Also, the problem is not only the funding. Under US law, they can't issue certificates to anybody under US-sanctions. It's only by chance that the International Criminal Court (https://www.whitehouse.gov/presidential-actions/2025/02/imposing-sanctions-on-the-international-criminal-court/) was not impacted.
  In conversation about 2 months ago permalink
  Attachments
  1. Domain not in remote thumbnail source whitelist: www.whitehouse.gov
    
    Imposing Sanctions on the International Criminal Court
    
    from @whitehouse
    
    By the authority vested in me as President by the Constitution and the laws of the United States of America, including the International Emergency
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 04:02:26 JST Aral Balkan
  in reply to
  - Tom
  @tdelmas Good shout. Yes. And what’s the use of a standard if there aren’t multiple implementations?
  
  In conversation about 2 months ago permalink
- Embed this notice
  Rich Felker (dalias@hachyderm.io)'s status on Wednesday, 26-Mar-2025 05:40:30 JST Rich Felker
  in reply to
  - adison verlice
  @adisonverlice @aral 🙄
  
  In conversation about 2 months ago permalink
- Embed this notice
  adison verlice (adisonverlice@dragonscave.space)'s status on Wednesday, 26-Mar-2025 05:40:31 JST adison verlice
  in reply to
  
  @aral they can't. that'd completely go against their values.
  this is like asking them to refuse letsencrypt in Russia, they can't. it's an automated certificate system, they can't just prevent the issuing certificates simply because of their party.
  even big websites, like the national security agency, and even whitehouse.gov use letsencrypt as well, so it wouldn't be a good sign for anyone.
  In conversation about 2 months ago permalink
  Attachments
  1. Domain not in remote thumbnail source whitelist: www.whitehouse.gov
    
    The White House
    
    President Biden and Vice President Harris promised to move quickly to deliver results for working families. That’s what they’ve done.
- Embed this notice
  Rich Felker (dalias@hachyderm.io)'s status on Wednesday, 26-Mar-2025 05:41:26 JST Rich Felker
  in reply to
  - adison verlice
  @adisonverlice s/politicians that are in a different party/nazis committing genocide and on the path to obliterating democracy/
  
  In conversation about 2 months ago permalink
- Embed this notice
  adison verlice (adisonverlice@dragonscave.space)'s status on Wednesday, 26-Mar-2025 05:41:27 JST adison verlice
  in reply to
  
  I will agree letsencrypt absolutely needs money to keep the lights on. and if worst comes to worst, hopefully they will move to EU. what I don't agree with is removing certificates from politicians that are in a different party
  
  In conversation about 2 months ago permalink
- Embed this notice
  Rich Felker (dalias@hachyderm.io)'s status on Wednesday, 26-Mar-2025 05:43:00 JST Rich Felker
  in reply to
  - adison verlice
  @adisonverlice If "following your values" prevents you from taking material action to impede the advance of nazis, you need to reevaluate or reprioritize your values.
  
  In conversation about 2 months ago permalink
- Embed this notice
  adison verlice (adisonverlice@dragonscave.space)'s status on Wednesday, 26-Mar-2025 05:43:01 JST adison verlice
  in reply to
  - Rich Felker
  @dalias uh what?
  
  In conversation about 2 months ago permalink
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 06:33:39 JST Aral Balkan
  in reply to
  @Saupreiss @EUCommission @letsencrypt @nlnet These folks? They seem very commercial. What’s to stop them offering the free certs tomorrow? There’s value in having a noncommercial EU alternative funded with taxpayer money.
  
  In conversation about 2 months ago permalink
- Embed this notice
  Saupreiss #Präparat500 (saupreiss@pfalz.social)'s status on Wednesday, 26-Mar-2025 06:33:40 JST Saupreiss #Präparat500
  in reply to
  - Let's Encrypt
  - European Commission
  @aral
  LE is not the only Provider of free ACME-Issued certificates and some of the alternatives are even based in the EU.
  @EUCommission @letsencrypt @nlnet
  
  In conversation about 2 months ago permalink
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 07:26:29 JST Aral Balkan
  in reply to
  @josemanuel @EUCommission @cacert @letsencrypt @nlnet ?
  In conversation about 2 months ago permalink
  Attachments
  1. Screenshot: Mona for Mastodon 22:24 2 Close cacert.org This Connection Is Not Private This website may be impersonating "www.cacert.org" to steal your personal or financial information. You should close this page. Show Details Close Page
    https://s3-eu-central-1.amazonaws.com/mastodon-aral/media_attachments/files/114/225/415/801/711/181/original/c62564dfd03297c6.png
- Embed this notice
  josemanuel (josemanuel@social.sdfeu.org)'s status on Wednesday, 26-Mar-2025 07:26:30 JST josemanuel
  in reply to
  @aral I'm not a big fan of Let's Encrypt. I'd rather have the @EUCommission fund real grassroots efforts like @cacert
  @letsencrypt @nlnet
  
  In conversation about 2 months ago permalink
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 14:59:45 JST Aral Balkan
  in reply to
  @Saupreiss @EUCommission @letsencrypt @nlnet Indeed. But nothing I would base a future system (e.g., the Small Web) on especially when there is a noncommercial alternative (I have no choice but to go commercial right now when it comes to DNS and VPS but the idea is to abstract that away as much as possible by supporting multiple. Easier said than done without standards but I guess that’s where it differs with ACME so, who knows, it might be an idea to support them. But still, we have an opportunity to build a not-for-profit EU ACME certificate provider and we should take it.) :)
  
  In conversation about 2 months ago permalink
- Embed this notice
  Saupreiss #Präparat500 (saupreiss@pfalz.social)'s status on Wednesday, 26-Mar-2025 14:59:47 JST Saupreiss #Präparat500
  in reply to
  - Let's Encrypt
  - European Commission
  @aral
  ZeroSSL is also around (Austrian company).
  But yes, indeed: They’re Both commercial, so not complete replacements. Still better than a monoculture under US jurisdiction.
  @EUCommission @letsencrypt @nlnet
  
  In conversation about 2 months ago permalink
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Wednesday, 26-Mar-2025 16:50:22 JST Aral Balkan
  in reply to
  @paul @EUCommission @letsencrypt @nlnet AFAIK, they’re all commercial. Let’s Encrypt is a not for profit. That matters. We need a non-commercial ACME provider in the EU funded by taxpayer money.
  
  In conversation about 2 months ago permalink
- Embed this notice
  Paul Campbell (paul@mitra.kemitix.net)'s status on Wednesday, 26-Mar-2025 16:50:25 JST Paul Campbell
  in reply to
  - Let's Encrypt
  - European Commission
  @aral @EUCommission @letsencrypt @nlnet There are European alternatives to letsencrypt. I switched to Zerossl, a German company I believe. All I had to do was add acme_ca https://acme.zerossl.com/v2/DV90 to my Caddyfile. Should be just as simple for other servers.
  In conversation about 2 months ago permalink
  Attachments
  1. Untitled attachment
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Friday, 28-Mar-2025 00:03:33 JST Aral Balkan
  in reply to
  @frost @EUCommission @letsencrypt @nlnet @publictorsten They’re commercial.
  
  In conversation about 2 months ago permalink
- Embed this notice
  Martin Frost (frost@camp.smolnet.org)'s status on Friday, 28-Mar-2025 00:03:34 JST Martin Frost
  in reply to
  @aral @EUCommission @letsencrypt @nlnet @publictorsten I think you can get the same service out of Buypass, which is based in Norway. But yes, it would be bad for the web if LE died. https://european-alternatives.eu/category/acme-ssl-certificate-providers
  In conversation about 2 months ago permalink
  Attachments
  1. Domain not in remote thumbnail source whitelist: mediamask.io
    
    European ACME SSL certificate providers | European Alternatives
    
    An SSL certificate is a digital certificate that is used to establish an encrypted connection to a web server (HTTPS).
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Tuesday, 01-Apr-2025 05:02:47 JST Aral Balkan
  in reply to
  @devnull @EUCommission @letsencrypt @nlnet Well, we haven’t seen a single euro cent from them, so you’re not wrong.
  
  In conversation about 2 months ago permalink
- Embed this notice
  🐧DaveNull🐧 ☣️pResident Evil☣ (devnull@mamot.fr)'s status on Tuesday, 01-Apr-2025 05:02:49 JST 🐧DaveNull🐧 ☣️pResident Evil☣
  in reply to
  - Let's Encrypt
  - European Commission
  @aral "But what about funding IA-based innovation" (technofascism)…
  EU probably doesn't give a flying fuck about small web…
  @EUCommission @letsencrypt @nlnet
  
  In conversation about 2 months ago permalink
- Embed this notice
  Aral Balkan (aral@mastodon.ar.al)'s status on Thursday, 03-Apr-2025 16:16:11 JST Aral Balkan
  in reply to
  @jens @a @EUCommission @letsencrypt @nlnet Agree. https://mastodon.ar.al/@aral/114228345026645021
  In conversation about a month ago permalink
  Attachments
  1. No result found on File_thumbnail lookup.
    
    Aral Balkan (@aral@mastodon.ar.al)
    
    from Aral Balkan
    
    So after listening to your feedback, I agree: let’s spend that money in the EU to create a publicly-owned, free and open ACME-compatible certificate authority. See post quoted below, with links to Tom’s work as he’s already been thinking/working on this. #EU #ACME #TLS #security #LetsEncrypt #technologyCommons #SmallTech https://mamot.fr/@tdelmas/114224564125819333
- Embed this notice
  Jens Finkhäuser (jens@social.finkhaeuser.de)'s status on Thursday, 03-Apr-2025 16:16:14 JST Jens Finkhäuser
  in reply to
  @a @aral We don't need to move Let's Encrypt to the EU. We need to run a EU-based equivalent, and make it so that the infrastructure they run is easily replicated.
  As this development clearly demonstrates, Let's Encrypt is a single point of failure. It was never a good idea. It was just a less bad idea than others.
  And no, that's absolutely not suggesting they didn't do great work. This is about designing for resilience.
  @EUCommission @letsencrypt @nlnet
  
  In conversation about a month ago permalink
- Embed this notice
  Alexandre Dulaunoy (a@paperbay.org)'s status on Thursday, 03-Apr-2025 16:16:16 JST Alexandre Dulaunoy
  in reply to
  - Let's Encrypt
  - European Commission
  @aral I really would like to share your optimism too.
  If I can help in some ways, let me know. I was tracking the RFA budget withdraw and wondering how long OTF can survive without the funding.
  @EUCommission @letsencrypt @nlnet
  
  In conversation about a month ago permalink

Feeds