
Why Let’s Encrypt is a bad idea - gilad
https://medium.com/swlh/why-lets-encrypt-is-a-really-really-really-bad-idea-d69308887801
======
dclaw
cPanel hosting servers by default utilize 'AutoSSL' provided by Sectigo
(formerly Comodo), but they are also free. Although I do still see cPanel
customers on Let's Encrypt certificates, this is a pretty shallow argument.

If there's a key compromise at let's encrypt, the beauty of their system is
that the certificates generally get replaced automatically, and best practice
is to have a cron check for them nightly, or at least weekly. There should be
no situation like Equifax where it goes on for months.

Finally, my employer has moved on to AutoSSL via cPanel and Sectigo, but we
still have some holdouts. I'm currently waiting over a month for a certificate
issuance from Enom & Sectigo because of some documentation BS. Been working
with them for well over a decade, and it's getting worse all the time. We have
another cheap certificate from Sectigo via Enom, and we're stuck in a fraud
check hell, and they won't even let us begin to configure it. We are a company
in good standing with thousands of domains with Enom, and thousands of paid
SSL certificates in our order pipeline over the years with Comodo/Sectigo, and
yet we can't even get a $10 certificate issued in under 2 weeks.

These companies are dying, and they have themselves to blame.

~~~
nickf
That doesn't sound right - I want to look into it for you.

Would you be able to send me any info (domain, order IDs) you can to nick (at)
sectigo (dot) com, please?

------
arkitaip
This is largely an ignorant and poorly argumented rant in favor of paid SSL
certs.

------
the_common_man
I guess the gripe is with the let's encrypt monopoly? I am still hoping acme
gets implemented by other providers.

