3 Sep
2019
3 Sep
'19
9:57 a.m.
Still no one has answered why ripe is using self signed certs for anchor when they can use let's encrypt for free...
TL;DR if the community prefers it we use LE (+TLSA). This comes with the expense of some one-time and ongoing operational work. Considering that anchors don't host any sensitive information, using self-signed certs (+TLSA) was so far considered good enough. Regards, Robert