[yexponential]

This is awesome news.

Should we be worried that LE is sponsored by the big players (cisco et al.)

Not implying that we should. Just genuinely wondering if we should be wary or if it means anything at all, for the future of LE I mean.

ps:might be my misunderstanding as im not sure what sponsored actually entails.

[jedisct1]

Having Cisco onboard is scary, but it doesn't imply that backdoors have been added to LE. Sponsors only give money to support LE development and infrastructure.

[joering2]

hmm sponsors not "only give money"... they usually expect something in return - which is understandable.

To me this is a deal-breaker. Cisco did so many bad things in the past in terms of privacy that the only good news is that now I know to stay away from LetsEncrypt.

[pfg]

Could you elaborate on how Cisco being a sponsor affects your trust in Let's Encrypt? It's in the nature of the CA system that it's only as strong as its weakest link, and there are dozens if not hundreds of CAs of questionable trust.

This seems like a conceptual misunderstanding of how TLS works. Let's Encrypt does not have access to your private key and does not have the ability to decrypt your traffic. They put a stamp on your certificate saying "Yep, this key belongs to this domain" - that's it.

[count]

Hypothetically, the risk could be that LE is now a trusted CA, Cisco could pressure to get a signed, trusted cert for anything.

I don't think that's realistic, but if we're talking conspiracy theories...