Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] Let's Encrypt

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] Let's Encrypt

Chronological Thread 
  • From: Blixa Morgan <blixa AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] Let's Encrypt
  • Date: Mon, 04 Apr 2016 05:44:28 +0000

Actually, from a cert signing side, Let's encrypt should have a master cert that is valid for anything, including non-icann domains.  What would prevent it from working is their domain validation service, which will attempt to connect to the domain name before approving the certificate.  Since they do not currently use opennic on their let's encrypt servers, they would get a DNS failure.

So all we would need to do is get them to set up a validation server that uses opennic, and all should be good.

On Sun, Apr 3, 2016, 17:59 Carlo Stemberger <carlo.stemberger AT> wrote:
2016-04-03 21:42 GMT+02:00 Neal J. de Waard <inewbcake AT>:
No, they cannot issue certs to domains under TLDs not recognized by ICANN

That's a pity. I see two possible solutions:

1) convince them to certify (at least) OpenNIC domains
2) create an alternative and convince Mozilla, Google etc. to consider their certificates as valid



You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT

Q: Why is this email five sentences or less?

Archive powered by MHonArc 2.6.19.

Top of Page