>It's great to see OpenBSD Project supporting Let's Encrypt. I am absolutely not supporting Let's Encrypt. The client scares the shit out of me, and shows me how low the bar has become. Considering all I need is put something on a web site that I can convince a DNS server is the one they'll check, well, that's pretty darn bad - you'd all probably be a lot better off pinning self-signed certs.
> It is really nice to finally see TLS on openbsd.org. How about redirecting > http to https? And statements like this - and people that think this is a good idea, are why I spoof DNS answers in bars and coffee shops, and why I don't read misc@. This is never a good idea, unless you want the connections intercepted and MITM'ed.
