Letsencrypt refusing to renew certs because Google thinks the site is malicious is an *interesting* new threat model to contend with.


Apart from the problem of #letsencrypt following unreflected there's always the question of why on earth #google is allowed to effectively nuke sites of the web without any working way to get legitimate content off that list

Also clearly shows why you should never commit to something like hsts if you rely on #letsencrypt for your certificates

@joeyh that is interesting. I didn't realize Let's Encrypt was using Google's Safe Browsing API. There's a bit more about LE's stance on this here:

Sign in to participate in the conversation

Octodon is a nice general purpose instance. more