[strommen]

So just to be clear: whatever you do with the keys generated by this service is trivially pwn-able by TinyCert.

Maybe you trust TinyCert not to be malicious. But do you think they're completely unhackable? A database full of private keys is a mighty tempting reward for attackers.

I wouldn't touch private-key-generation-as-a-service with a 10-foot pole.

[sneak]

First, they have to care. Second, they'd have to MITM your network connection. The chance of a single party being able to do both of those is very, very low.

Sure, it's not best practices. Is it better than what R&D teams are doing now? (Unvalidated self-signed certs, or no encryption at all.) Absolutely.

People complaining about this are like people who complain about invalid cert warnings not being strong enough (or too easy to disable) while half the world still browses with http with no warnings.

It's a significant improvement over the status quo.

[IgorPartola]

Come on over to my place. I won't MITM you, I promise :). Or we could go down to the coffee shop down the street. They have free Wi-Fi there too. Or maybe you'd like to visit my favorite co-working space. How about a conference room at my corporate office? Or maybe I'm your friendly $DAY_JOB firewall guy with a hankering to read your email. Perhaps I am your crazy ex working for $ISP. Or maybe I am on the same public cloud as your server and my VM just happens to be hosted on the same physical box as yours. There are lots of ways to MITM a connection that don't require you to do Mission Impossible style of break ins to tap into the backbone.

[sneak]

Good thing you don't run TinyCert. Please resume missing my point.