new | show | ask | jobs Github

cpach 11 hours ago

One can also use a private CA for that scenario.

▲

bigfishrunning 9 hours ago | parent [-]

Exactly -- how many 192.168.0.1 certs do you think LetsEncrypt wants to issue?

▲

tialaramex 8 hours ago | parent [-]

The BRs specifically forbid issuing such a certificate since 2015. So, slightly before they were required to stop using SHA-1, slight after they were forbidden from issuing certificates for nonsense like .com or .ac.uk which obviously shouldn't be available to anybody even if they do insist they somehow "own" these names.

	▲	tialaramex 5 hours ago \| parent [-]
		I can't edit it now, but that comment should have said .com or .ac.uk -- that is wildcards in which the suffix beyond the wildcard is an entire TLD or an entire "Public Suffix" which the rules say don't belong to anyone as a whole, they're to be shared by unrelated parties and so such a wildcard will never be a reasonable thing to exist.