It saves me from the implementation details, this way I don't need to wear another engineer/sysadmin hat. I think the website content is more important than the SSL implementation!
Indeed! It's how security should work, and should be the default dual-goal of any piece of security software: provide as much security as possible to as many people as possible.
Downside existed before Let's Encrypt, it just got amplified with it.
General public does not differentiate between the SSL certificate validation level.
Let's Encrypt provides domain validation certificates, which only validates that one owns the domain in question.
There is another level - Organization Validation SSL certificates, which involves manual checking that this is the legal entity it claims to be. I would expect the financial institutions to use this kind of certificates to avoid phishing, but sadly I've seen some of them use Let's Encrypt.
As someone that supports Let's Encrypt's efforts and playing devil's advocate, I imagine a downside is that the bar is lowered and nefarious websites can easily get SSL-equipped channels compared to the high paywall of prior.
personjerry|3 years ago
ethbr0|3 years ago
barbazoo|3 years ago
pedja|3 years ago
General public does not differentiate between the SSL certificate validation level.
Let's Encrypt provides domain validation certificates, which only validates that one owns the domain in question.
There is another level - Organization Validation SSL certificates, which involves manual checking that this is the legal entity it claims to be. I would expect the financial institutions to use this kind of certificates to avoid phishing, but sadly I've seen some of them use Let's Encrypt.
otachack|3 years ago
ipaddr|3 years ago
Not sure it's a downside/upside thing. It might shed light on the types of people who get hired at facebook.