This letter was originally published in our 2024 Annual Report.
The past year at ISRG has been a great one and I couldn’t be more proud of our staff, community, funders, and other partners that made it happen. Let’s Encrypt continues to thrive, serving more websites around the world than ever before with excellent security and stability. Our understanding of what it will take to make more privacy-preserving metrics more mainstream via our Divvi Up project is evolving in important ways.
Not at all, thank you for actually trying to answer my question instead of just telling me how it is supposed to work!
Just quickly, no I didn’t wonder about the keys encryption strength, what I do wonder about is if it is overall more secure to use a “trusted” entity, than, if the browsers weren’t locked down, my own home-generated signature.
I mean, if someone tries to “man in the middle”, or maskerade as my website, the trusted stuff will not add any security.
If someone hacks my site, and then maskerades as me (or does their shenanigans) the trusted stuff doesn’t add any security there either. They can just use my installed all set up “Trusted tm” certificate until it expires (my home made cert will expire too BTW).
So, for now, I don’t see any benefit to this except the trusted entity gets to have control over it all (and earn some money).
I bet there are smarter people than me out there who knows why I’m wrong, hence all the noobie questions.
Not at all, thank you for actually trying to answer my question instead of just telling me how it is supposed to work!
Just quickly, no I didn’t wonder about the keys encryption strength, what I do wonder about is if it is overall more secure to use a “trusted” entity, than, if the browsers weren’t locked down, my own home-generated signature.
I mean, if someone tries to “man in the middle”, or maskerade as my website, the trusted stuff will not add any security.
If someone hacks my site, and then maskerades as me (or does their shenanigans) the trusted stuff doesn’t add any security there either. They can just use my installed all set up “Trusted tm” certificate until it expires (my home made cert will expire too BTW).
So, for now, I don’t see any benefit to this except the trusted entity gets to have control over it all (and earn some money).
I bet there are smarter people than me out there who knows why I’m wrong, hence all the noobie questions.
Cheers!