[llvm-dev] Bugzilla invalid certificate issues

Chris Matthews via llvm-dev llvm-dev at lists.llvm.org
Mon Feb 13 13:24:57 PST 2017

EV certs attempt validate the identity of the organization that holds them.  That is a nice assurance to have from a place that makes the thing that compiles your code.

On February 11, 2017 at 12:28:08 PM, Stephen Checkoway (s at pahtak.org) wrote:

> On Feb 10, 2017, at 18:27, Chris Matthews via llvm-dev <llvm-dev at lists.llvm.org> wrote:  
> Letsencrypt only offers domain validation certs. I think an EV cert would be more appropriate for llvm.org.  

Interesting, why do you think EV certs are more appropriate? They don't offer any security benefits beyond those offered by DV certs. Given that much of llvm.org isn't even currently accessible over TLS, going straight to an EV cert seems overkill.  

One nice aspect of Let's Encrypt certs is renewals are automatable so no one needs to keep track of when a new cert is necessary.  

Stephen Checkoway  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-dev/attachments/20170213/942f57b6/attachment.html>

More information about the llvm-dev mailing list