Piccalilli's resource offers insights, tutorials, and resources for frontend developers and web designers. Readers can learn about HTML, CSS, and JavaScript techniques, as well as design principles and accessibility. With articles, tutorials, and design showcases, Piccalilli provides  guidance and inspiration for creating modern and accessible web experiences.

Feisty Duck

Let's Encrypt now offers six-day certificates and IP address certificates in general availability. The shorter certificate lifetimes reduce the window of opportunity for attackers who compromise private keys, since certificate revocation is largely ineffective. While beneficial for high-security targets like financial institutions, these certificates require more frequent renewal (every four days), leaving less margin for error and potentially requiring weekend monitoring. Google Trust Services also supports short-lived certificates, with one-day certificates being the minimum possible. IP address certificates enable securing network devices without hostnames. Implementation is straightforward using ACME clients with profile support.

Let’s Encrypt’s Six-Day Certificates Generally Available

Is a Six-Day Certificate Better or Worse?