|
|
|
|
|
|
by bawolff
136 days ago
|
|
|
You are being pedantic but also pedantically incorrect. Lets encrypt provides value by providing signed TLS certs that are enrolled in webPKI (i.e. trusted by browsers). If they were just provided a (not necessarily trusted) tls cert, like what anyone can generate from the command line, nobody would use them. |
|
|
This is a significant and important use case that's totally ignored by the "WebPKI" proponents, and there is no alternative infrastructure that would provide that value if WebPKI would e.g. decide to add certificate constraints limiting issued certificates to TCP/433.