[auslander]

CF is in unique position to aggregate decrypted data from all users of many websites, attracted by 'free' plan with provided SSL.

This is against the whole idea of SSL, a closed tunnel between users and websites, so yes, I have an issue.

Plus many users set their DNS resolvers to CF DNS, browsing history goes here.

[eropple]

Let's Encrypt effectively shoots a hole--and this is a good thing--in the idea that TLS is for a meaningful kind of identification and establishes once and for all that the primary reason for TLS is for secured communication across the open internet.

And...that's it. CloudFlare operates in this spirit. It does not route traffic from its edge nodes across the open internet. It routes it across its private network.

So, no, it's not against "the whole idea of SSL"; it's what you have decided the idea of SSL is and nobody else on the internet really agrees with.

The amount of disingenuity you're hucking in this thread is pretty gross and you should stop.