<![CDATA[Reminder that halting issuance is a recommended action during an incident &amp; trustworthy CAs will do it early, until the problem is conclusively identified and remediated.]]>Reminder that halting issuance is a recommended action during an incident & trustworthy CAs will do it early, until the problem is conclusively identified and remediated.

This happens for both for true "oh-shit" events, and "cross your t's dot your i's" compliance issues and you can't infer which bucket the incident is in just because issuance has stopped.

See
https://wiki.mozilla.org/CA/Responding_To_An_Incident#Immediate_Actions

]]>https://board.circlewithadot.net/topic/0922a5d2-3974-47f1-ba3b-08bc281345f3/reminder-that-halting-issuance-is-a-recommended-action-during-an-incident-amp-trustworthy-cas-will-do-it-early-until-the-problem-is-conclusively-identified-and-remediated.RSS for NodeFri, 15 May 2026 05:50:46 GMTFri, 08 May 2026 21:02:47 GMT60<![CDATA[Reply to Reminder that halting issuance is a recommended action during an incident &amp; trustworthy CAs will do it early, until the problem is conclusively identified and remediated. on Fri, 08 May 2026 21:09:52 GMT]]>@cpu i put certbot in the crontab and hope it doesn't blow up 🙂

]]>https://board.circlewithadot.net/post/https://tech.lgbt/users/tay/statuses/116541003698591610https://board.circlewithadot.net/post/https://tech.lgbt/users/tay/statuses/116541003698591610Fri, 08 May 2026 21:09:52 GMT<![CDATA[Reply to Reminder that halting issuance is a recommended action during an incident &amp; trustworthy CAs will do it early, until the problem is conclusively identified and remediated. on Fri, 08 May 2026 21:06:57 GMT]]>Also you're renewing your certs early, based on some proportion of their total validity period right?

And using ACME, so it's automated and easy to fail-over to a standard's compliant alternative CA, right??

And using ARI so you're informed when you need to re-issue sooner than expected because of a compliance issue, right???

And back-stopping all of the above with monitoring, right????

]]>https://board.circlewithadot.net/post/https://hachyderm.io/users/cpu/statuses/116540992233711631https://board.circlewithadot.net/post/https://hachyderm.io/users/cpu/statuses/116540992233711631Fri, 08 May 2026 21:06:57 GMT