|
|
|
|
|
|
by Vendan
3853 days ago
|
|
|
almost anyone can set up trivial end to end encryption using any number of methods without relying on outside agencies. SSH, VPN, PGP, the list goes on. The issue is getting a HTTPS cert trusted by the general public, which is a much harder problem. Before letsencrypt, you had to pay a CA to issue you a cert. For a DV cert, they verified that you had permission to get a cert through a small number of ways. Most involved just getting an email through the whois entry for your domain, or setting a specific entry in DNS. Those aren't any more "secure" then letsencrypt's methods. If anything, a letsencrypt cert is arguably MORE secure, as it only lasts 3 months, so the domain needs to be rechecked more often. |
|
|