Except we didn't get a separate chain - all we got is that from now on software ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		kalleboo 17 days ago \| parent \| context \| favorite \| on: Upcoming changes to Let's Encrypt and how they aff... Except we didn't get a separate chain - all we got is that from now on software will just ignore the "client" flag and accept the "server" flag for client purposes, adding one more hack onto the pile of hacks that is the Internet.

bawolff 17 days ago [–]

That's far from clear. XMPP is still probably a minor use caee of client certificates.

kalleboo 16 days ago | [–]

Yeah buy why would anyone go through the trouble of bootstrapping a whole new PKI instead of just flipping an if statement?

I'm curious what other use cases there have been for domain-validated client certs aside from XMPP.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact