Internet Security Research Group nonprofit Let's Encrypt has massively upgraded its certification hardware and software so that it can delete and reissue all its certs in less than 24 hours. Last April the certificate authority was forced to kill three million HTTPS certs, about 2.6 per cent of its 150 million live certificate base, after a bug was found in its automated certificate management environment. That caused some head-scratching.
After upgrading its network to fiber and replacing aging Intel big iron with the latest AMD Epyc chip, not to mention some cunning software changes, Let's Encrypt now says it can revoke and replace 200 million certificates in less than 24 hours, should a catastrophic security failure occur.
The Register [theregister.com]
[Upgrade Details]: Preparing to Issue 200 Million Certificates in 24 Hours [letsencrypt.org]