Ask HN: etc./letsencrypt/ had past five years of data

1 points by unlog ↗ HN
Had to look by chance at that folder and found out the full history of certificates and keys were sitting there. I don't know what to think, isn't this like having a record of all your previous passwords?, but worse.

2 comments

[ 4.6 ms ] story [ 15.1 ms ] thread
It’s not nearly as bad as you think. If you’re a Let’s Encrypt user, there’s a high likelihood that your servers (and your clients) were negotiating PFS cipher suites.

If they were, a compromise of the private key wouldn’t mean that you could break past intercepted communications.

https://en.m.wikipedia.org/wiki/Forward_secrecy