For example, anyone could use Let’s Encrypt to get a trusted certificate, so what makes this trustworthy? Or why not trust everyone that signs their own certificates with a program like OpenSSL?

  • I_Am_Jacks_____@lemmings.world · 3 upvotes · 1 year ago

    You still have to provide some proof that you are who you say you are by publishing a specific webpage on the site that will get the certificate or by publishing a specific DNS record on the domain. Self-signed certs don’t have that requirement so people could make certs for google.com if they wanted to.
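
Added example, not part of the original thread: a sketch of the domain-control proof the comment describes, following the HTTP-01 and DNS-01 challenge formats of ACME (RFC 8555), the protocol Let's Encrypt uses. The token, the account key values and the `fetch` callable that stands in for the CA's HTTP request are constructed for illustration.

```python
import base64
import hashlib
import json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def jwk_thumbprint(jwk: dict) -> str:
    # RFC 7638: SHA-256 over the required key members only, sorted, no whitespace.
    members = {"EC": ("crv", "kty", "x", "y"), "RSA": ("e", "kty", "n")}[jwk["kty"]]
    canonical = json.dumps({m: jwk[m] for m in members},
                           sort_keys=True, separators=(",", ":"))
    return b64url(hashlib.sha256(canonical.encode("utf-8")).digest())

def key_authorization(token: str, account_jwk: dict) -> str:
    # Binds the CA's random token to the requester's ACME account key.
    return token + "." + jwk_thumbprint(account_jwk)

def http01_path(token: str) -> str:
    # The "specific webpage" the requester must publish on the site.
    return "/.well-known/acme-challenge/" + token

def dns01_record(domain: str, token: str, account_jwk: dict) -> tuple:
    # The "specific DNS record": a TXT record name and its expected value.
    digest = hashlib.sha256(key_authorization(token, account_jwk).encode()).digest()
    return "_acme-challenge." + domain, b64url(digest)

def ca_validates_http01(token: str, account_jwk: dict, fetch) -> bool:
    # CA side: `fetch(path)` is a hypothetical stand-in for an HTTP GET to the
    # domain; it returns the response body, or None if nothing is served there.
    body = fetch(http01_path(token))
    return body is not None and body.strip() == key_authorization(token, account_jwk)

# Constructed sample values, not real key material.
SAMPLE_TOKEN = "constructed-token-0123456789abcdef"
SAMPLE_JWK = {"kty": "EC", "crv": "P-256", "x": "constructed-x", "y": "constructed-y"}

def demo() -> tuple:
    # The domain owner can publish the file; someone without control of the site cannot.
    owner_site = {http01_path(SAMPLE_TOKEN): key_authorization(SAMPLE_TOKEN, SAMPLE_JWK)}
    owner_ok = ca_validates_http01(SAMPLE_TOKEN, SAMPLE_JWK, owner_site.get)
    stranger_ok = ca_validates_http01(SAMPLE_TOKEN, SAMPLE_JWK, {}.get)
    return owner_ok, stranger_ok

if __name__ == "__main__":
    print(demo(), dns01_record("example.org", SAMPLE_TOKEN, SAMPLE_JWK))
```

A self-signed certificate skips this exchange entirely, so a client that trusts only certificates chaining to a CA that performed it can tell the two apart.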