On Tue, Mar 31, 2015 at 11:11 AM, Stephen Farrell <[email protected]> wrote: > > So today I was updating a web server cert as I do a few > times a year. And I have a usability story to tell... > > I got the new cert and installed it in apache without any > Cullen-like problems:-) That cost me €0.00 in payment and > about 5-10 minutes. All good so far. > > Chrome was happy, but FF/opera/my phone weren't. >
[ Long tale of woe snipped ] > I hope this helps those who are worried that acme is > only about business models. In my head what acme ought > be about is getting rid of that 1 hour of silly sysadmin > time I just spent - the system-automated web server s/w > update should just have done all of this for me without > me even having to know a new cert was needed until I > get the system update email tomorrow. > Something that is obvious, but probably worth mentioning is that you actually have /some/ clue about this sort of thing, and were still foiled. Most admins have no idea what OSCP, CMP, CMC, PKCS#10, EST, SCEP, CRMF or even a PKI *are* -- nor should they have to.... > Cheers, > S. > > PS: Apologies, Cullen but it's your own fault:-) I missed Acme, but Cullen's sadness has been mentioned many times now -- sounds like I missed much entertainment... W > > _______________________________________________ > Acme mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/acme -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
