Ask HN: What should a Alternative to LetsEncrypt offer

by randompeach on 4/10/2024, 1:05:11 PM with 16 comments
In the name of resilience, what should a true alternative to Lets Encrypt offer for you.

Besides the following basic requirements: - feature complete (offering both simple domain and wildcard support via ACME) - registered non-profit - not inside the US (simply based on resillience) - like lets encrypt community driven

  • by toast0 on 4/11/2024, 6:50:21 PM

    There's already other CAs that (optionally) use ACME to issue. As I understand it from the mod_md readme [1], Buypass basically works (without must staple), Sectigo and ZeroSSL work too, but require an account to be setup.

    Are these true alternatives? If not, why not? I don't know where these companies reside.

    [1] https://github.com/icing/mod_md?tab=readme-ov-file#known-iss...

  • by cpach on 4/12/2024, 7:45:38 AM

    How would you fund such an operation?

    It’s not extremely expensive, but it needs a bit of funding.

    https://community.letsencrypt.org/t/what-it-costs-to-run-let...

  • by kevsamuel on 4/10/2024, 1:08:08 PM

    Using a different set of libraries as dependencies.

  • by nik736 on 4/11/2024, 1:40:24 PM

    Why are those basic requirements and what has being based in the US to do with resillience?

  • by cranberryturkey on 4/10/2024, 1:11:09 PM

    wildcard subdomains

  • by KomoD on 4/12/2024, 1:58:53 PM

    It should have money, a shit ton of it.