The CA/Browser Forum has officially voted to amend the TLS Baseline Requirements to set a schedule for shortening both the lifetime of TLS certificates.
I think there’s an argument to be made here of why are we trusting certificate providers anyway since that just adds another layer of centralization and a choke point for governments to attack. Why not use self-signed certificates and have each search engine indexer also index the certificate and point out how long it has been since it has changed so that you can trust whatever search engine you wish instead of these mega centralized providers of certificates. If kagi, google, ddg, and quant (for example) are all in agreement about the validity of a cert i feel its likely trustworthy. If they start disagreeing thats when it may be time to DYOR. Besides, TOFU is much easier to set up.
Why not use self-signed certificates and have each search engine indexer also index the certificate and point out how long it has been since it has changed so that you can trust whatever search engine you wish instead of these mega centralized providers of certificates.
Freshness isn’t an indicator of validity. The fence around the nearby park is decades old and with inspection and minor repairs is still viable; commercials on TV promising mail-order boner pills or vast riches from slots and roulette are relatively new.
I think there’s an argument to be made here of why are we trusting certificate providers anyway since that just adds another layer of centralization and a choke point for governments to attack. Why not use self-signed certificates and have each search engine indexer also index the certificate and point out how long it has been since it has changed so that you can trust whatever search engine you wish instead of these mega centralized providers of certificates. If kagi, google, ddg, and quant (for example) are all in agreement about the validity of a cert i feel its likely trustworthy. If they start disagreeing thats when it may be time to DYOR. Besides, TOFU is much easier to set up.
Freshness isn’t an indicator of validity. The fence around the nearby park is decades old and with inspection and minor repairs is still viable; commercials on TV promising mail-order boner pills or vast riches from slots and roulette are relatively new.
Thats true.