March 24, 2017 -- "During the past year, Let's Encrypt has issued a total of 15,270 SSL certificates that contained the word 'PayPal' in the domain name or the certificate identity. Of these, approximately 14,766 (96.7%) were issued for domains that hosted phishing sites" [1]
LetsEncrypt isn't perfect either. You've got to be cognizant of what details you are sharing over the connection, regardless of who signs the certificate.
> You've got to be cognizant of what details you are sharing over the connection, regardless of who signs the certificate.
So why not cut out the browser errors, for free? Somehow this vaguely feels like Don Quixote straining hard to hold onto the original definition of the term "hacker".
Props to this guy for sticking to his beliefs; I don't mean for this to be interpreted as saying anything should be changed.
LetsEncrypt isn't perfect either. You've got to be cognizant of what details you are sharing over the connection, regardless of who signs the certificate.
[https://it.slashdot.org/story/17/03/25/2222246/over-14k-lets...]