You have to opt in, and they are honest about the tradeoffs when discussing them: > Short-lived...

striking • yesterday at 8:14 PM • 2 replies • view on HN

You have to opt in, and they are honest about the tradeoffs when discussing them:

> Short-lived certificates are opt-in and we have no plan to make them the default at this time. Subscribers that have fully automated their renewal process should be able to switch to short-lived certificates easily if they wish, but we understand that not everyone is in that position and generally comfortable with this significantly shorter lifetime. We hope that over time everyone moves to automated solutions and we can demonstrate that short-lived certificates work well.

https://letsencrypt.org/2026/01/15/6day-and-ip-general-avail...

Replies

eqvinox • yesterday at 8:18 PM

That's not really an answer, especially with:

> We hope that over time everyone moves to automated solutions and we can demonstrate that short-lived certificates work well.

They're expressly trying to show that this is a viable approach. It's actually kinda good that this outage, whatever it is, is happening now, as it's giving them a chance to demonstrate (or not) that they can deliver.

nottorp • yesterday at 8:28 PM

> no plan to make them the default at this time

At this time! Boil the frog slowly...

➕ show 1 reply

alt Hacker News

Replies