Reply to post: Re: Why?

Let's Encrypt gets automation

LDS Silver badge

Re: Why?

No, a free CA will just make easier to obtain a fake certificate for somebody's else site if no vetting procedure is in place before releasing a certificate. It actually make snooping *easier*. Again, encryption is useless if you can't check whom you're really talking to.

And what happen, if say MS, removes this CA from its list of CAs because it's releasing "bad" certificates? Sure, EFF, Mozilla and so on will start to whine.

Moreover, your private key needs to be stored *on your server* to be accessible by your web/mail server etc. Guess how many private keys stored on lame hosting or badly configured servers will be easily accessible to governments, etc.? Do you believe GoDaddy & C. will not handle keys to FBI/NSA/GHCQ and so on?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon