For example, anyone could use Let’s Encrypt to get a trusted certificate, so what makes this trustworthy? Or why not trust everyone that signs their own certificates with a program like OpenSSL?
For example, anyone could use Let’s Encrypt to get a trusted certificate, so what makes this trustworthy? Or why not trust everyone that signs their own certificates with a program like OpenSSL?
On top of the other points raised here, it’s worth noting that LetsEncrypt is relatively new and until recently had another company higher in the signing chain so that they could provide their certificates without folk having issues with their local cert store.