On Wed, Jun 19, 2019 at 12:51 PM Bagas Sanjaya wrote: > Unlike LE, we (debian.org) have to create Certificate Signing Requests (CSR) > which will be sent to those CA.
As a member of the Debian sysadmin team I can tell you that this is never going to happen. Manually doing TLS is way too much work when you have hundreds of subdomains and a terrible idea and we will never go back to doing it. > EV certificates can be useful for large organizations like Debian. EV certificates are becoming less useful over time, they are probably a waste of money now: https://scotthelme.co.uk/are-ev-certificates-worth-the-paper-theyre-written-on/ > would commercial SSL/TLS make sense for debian.org website? No. -- bye, pabs https://wiki.debian.org/PaulWise
