I missed that. Looked into that now.
Not even whonix.org’s CA is doing that.
https://web.archive.org/web/20210507054847/https://www.ssllabs.com/ssltest/analyze.html?d=certbot.eff.org&hideResults=on
https://web.archive.org/web/20210507055901/https://www.ssllabs.com/ssltest/analyze.html?d=letsencrypt.org&s=138.68.234.180&latest=
OCSP Must Staple No
nginx support is lacking
https://trac.nginx.org/nginx/ticket/812
Quote mnordhoff Community Moderator;
“No, the web is not ready.”
So, no. For now, not a good idea. Possibly in future. Thanks for bringing that up!
1 Like