IoT
I have an IoT device - specifically a wood pellet stove which I can control from my phone. Last year I had to upgrade the firmware "because of a change in the certificate". Now, for properly written IoT code (stop laughing at the back there), the firmware will hard code the CA root certificate and the server certificate can be updated as often as required. On the other hand, if you expect to upgrade the firmware every couple of years anyway, it's much easier to hard code the hash of the server cert directly, and just use a long-lived cert. That's not an option if you protect the server with a LetsEncrypt cert that rolls every three months. (On the other other hand, if you are using a hard-coded cert, you can just use a self-signed cert.)
Biting the hand that feeds IT
