benjojo.co.uk

one honk maybe more

benjojo replied 18 May 2025 16:16 +0000
in reply to: https://secluded.ch/users/jeroen/statuses/114529658245664590

@jeroen @jwildeboer There is a (sorta) Euro Let's Encrypt, BuyPass Go (something I use for my XMPP and other random bits) works fine, and is just a small config tweak, Yes they are a commercial CA, but they are European, and not Let's Encrypt (they don't do wildcards though), and they have a commercial purpose overall, I am ultimately fine with this, your mileage may vary

(no hate to Lets Encrypt, they are lovely people, but I do worry about their scale compared to the rest of the CA ecosystem)

alarig@hostux.social replied 19 May 2025 14:11 +0000
in reply to: https://benjojo.co.uk/u/benjojo/h/w9dLD337BlRYTSwX7w

@benjojo @jeroen @jwildeboer I had issues with newer certbot with them, do you known if it's fixed?

benjojo replied 19 May 2025 14:18 +0000
in reply to: https://hostux.social/users/alarig/statuses/114534900687692444

@alarig no idea, I don't use certbot

benjojo replied 18 May 2025 16:36 +0000
in reply to: https://social.wildeboer.net/users/jwildeboer/statuses/114529742058383732

@jwildeboer @jeroen I mean sure, but does this actually matter? (outside of XMPP I guess that actually does use client auth)

The SMTP argument that everyone is bringing up doesn't seem to be the default configuration deployed at scale. It sucks that full CA trusted client auth is going to be a little more tricky, but I generally prefer when the complaining not just defending weird non standard configs