You can, but there is no way to force a method. A MitM attacker will choose the file method to get itself a cert for your site - the main argument in the article.
> The whole point is that you set up cron job once and forget about it.
Exactly. (Italics by me.)
>> HTTPS is a trap: Once you've moved your websites to HTTPS, there's no going back to plain HTTP...
> Not true. You can run HTTP version of your website in parallel if you so desire.
But never again HTTP-only. No visitors will load HTTP. Did you actually read the article and the arguments??
> [1]
I'd like to see some numbers before I belive your argument.
So that absolutely no human ever checks the transparency log. I can't even find that log for LetsEncrypt, let alone how to search it for my website's certs.
You can, but there is no way to force a method. A MitM attacker will choose the file method to get itself a cert for your site - the main argument in the article.
> The whole point is that you set up cron job once and forget about it.
Exactly. (Italics by me.)
>> HTTPS is a trap: Once you've moved your websites to HTTPS, there's no going back to plain HTTP...
> Not true. You can run HTTP version of your website in parallel if you so desire.
But never again HTTP-only. No visitors will load HTTP. Did you actually read the article and the arguments??
> [1]
I'd like to see some numbers before I belive your argument.
> https://letsencrypt.org/2025/01/16/6-day-and-ip-certs
So that absolutely no human ever checks the transparency log. I can't even find that log for LetsEncrypt, let alone how to search it for my website's certs.