That is a trade-off for false negatives rather than false positives. It is not a... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		codemac on Jan 10, 2018 \| parent \| context \| favorite \| on: Let's Encrypt tls-sni-01 disabled due to credible ... That is a trade-off for false negatives rather than false positives. It is not an unreasonable choice when dealing with certificates.

stephenr on Jan 10, 2018 [–]

The default client recommended by LE (certbot) supports multi-challenge registration/renewal. I'm pretty sure I trust their judgement over that of the Caddy project, given their (Caddy) history of weird decisions that backfire and cause user issues.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact