Comment by Keyframe
2 months ago
has anyone actually commented to you in a negative way about using Let's Encrypt? I couldn't imagine, but curious on others' experiences.
One thing I heard recently which might be a valid point - that LE is based in US, which makes it a subject to US laws. Read from that what you will though.
No matter where they were based they would be subject to US laws since they offer services to US peoples. (similar to how everyone here always points out that US companies are subject to EU laws if they offer services in the EU).
Why is that problematic? They don't have your private keys and their "level of access" is equivalent to any other certificate authority that your browser trusts.
> Why is that problematic? They don't have your private keys and their "level of access" is equivalent to any other certificate authority that your browser trusts.
Let's Encrypt could stop issuing certificates to you, if the administration decided that necessary. This would at least disrupt whatever you were serving. Not that I think this is likely, only possible.
I think LE clealy demonstrated the need for a accessible free ACME authority. But it is high time for more alternatives (EU and China at least). FWIW: Everything around public infrastructure should be run decentralized not-for-profit using national resources. Things like DNS Registrars are silly if you think about it. They just buy it from TLD holders anyway.