How are you following this in practice, especially if every service has its own ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		vladvasiliu on July 15, 2023 \| parent \| context \| favorite \| on: Tor is not just for anonymity (2022) How are you following this in practice, especially if every service has its own certificate that it rotates every two months via letsencrypt or similar? It's not clear to me how you know who asked for the certificate in the log. Do you somehow compile the private keys of all entities that are allowed to request certificates and compare that to the CTL?

ZiiS on July 15, 2023 [–]

I only have about a two dozen certs so having a notification a week is managable not had to think how to scale it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact