GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
     (mint@ryona.agency)'s status on Sunday, 18-Jan-2026 04:24:24 JST  
    Finally, some good news.
    https://letsencrypt.org/2026/01/15/6day-and-ip-general-availability
    In conversation about 3 months ago from ryona.agency permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: letsencrypt.org
      6-day and IP Address Certificates are Generally Available
      Short-lived and IP address certificates are now generally available from Let’s Encrypt. These certificates are valid for 160 hours, just over six days. In order to get a short-lived certificate subscribers simply need to select the ‘shortlived’ certificate profile in their ACME client. Short-lived certificates improve security by requiring more frequent validation and reducing reliance on unreliable revocation mechanisms. If a certificate’s private key is exposed or compromised, revocation has historically been the way to mitigate damage prior to the certificate’s expiration. Unfortunately, revocation is an unreliable system so many relying parties continue to be vulnerable until the certificate expires, a period as long as 90 days. With short-lived certificates that vulnerability window is greatly reduced.
    • Embed this notice
      7666 (7666@comp.lain.la)'s status on Sunday, 18-Jan-2026 04:31:07 JST 7666 7666
      in reply to
      @mint I was honestly much more excited about this https://www.ietf.org/archive/id/draft-ietf-acme-dns-persist-00.html
      In conversation about 3 months ago permalink

      Attachments

      1. No result found on File_thumbnail lookup.
        Automated Certificate Management Environment (ACME) Challenge for Persistent DNS TXT Record Validation
        from Michael Slaughter
        This document specifies "dns-persist-01", a new validation method for the Automated Certificate Management Environment (ACME) protocol. This method allows a Certification Authority (CA) to verify control over a domain by confirming the presence of a persistent DNS TXT record containing CA and account identification information. This method is particularly suited for environments where traditional challenge methods are impractical, such as IoT deployments, multi-tenant platforms, and scenarios requiring batch certificate operations. The validation method is designed with a strong focus on security and robustness, incorporating widely adopted industry best practices for persistent domain control validation. This design aims to make it suitable for Certification Authorities operating under various policy environments, including those that align with the CA/Browser Forum Baseline Requirements.
       likes this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.