• Justin@lemmy.jlh.name
    link
    fedilink
    English
    arrow-up
    19
    arrow-down
    1
    ·
    5 days ago

    That’s true, but it would also have to be a serious attack for LE to be down for 3 entire days. There are multiple providers for automated certs, so you could potentially just switch if needed.

    • sugar_in_your_tea@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      17
      ·
      edit-2
      5 days ago

      The attack would only need to last for a day or two, and then everyone requesting updated certs when it stops could push enough people outside the 6-day window to cause problems. 6 days is probably long enough to not be a huge issue, but it’s getting close to problematic. Maybe change to 15 days, which should avoid the whole issue (people could update once/week and still have a spare week and a day to catch issues).