Comment by notepad0x90
24 days ago
I think you're changing the topic here. But I'll bite a bit: we're talking about Let's Encrypt here, so for every argument you made, it would be Let's Encrypt issuing the certificates. All the "open source" use cases you have can also be supported by them.
The whole point of Let's Encrypt doing this would be to reduce the fees for open source devs and poor devs in general. But ultimately, software published to the public is a matter of consumer safety and welfare. To that end, if you have a solution that enables operating systems to authenticate and review software before consumers are exposed to it, feel free to suggest an alternative; short of that, too bad for the open source dev. Nothing is stopping you from using alternative devices. You don't have any entitlement over operating systems or hardware sold to the public. The needs of software developers as a whole are not important in the slightest bit when it comes to consumer devices and software. Just the same as the plumber's needs are irrelevant when it comes to evaluating the safety of water and sewage pipes, or the construction person's needs are irrelevant when it comes to evaluating the safety of the building they're working on.
If a construction worker claims they don't need regulatory certified construction materials because that means random people building cabins in the woods can't sell their house, too bad, right? They can still build their own cabin and live in it, but to sell the cabin house it must pass inspection (fees), zoning requirements, accessibility and fire safety requirements, etc. Why is your software dev industry so special?
And yes, Microsoft and Google get to police things, just like in every other regulated industry there are professional certification boards. You need to pass the law BAR to be a lawyer, you need to pass the medicine BAR to practice medicine on the public. And those BAR associations are made up of industry leaders. Nothing prevents you from going to medical school and treating your own self without passing the BAR. Nothing stops you from writing your own software and using it. But when other people use it, they expect the government to keep them safe from malpractice and harm; that supersedes any needs or desires you may have for open source. You can even argue that it should be free, and that's the whole point of this: Let's Encrypt made TLS certs free, maybe it can make code signing/dev auth free too! But if it doesn't, I consider it gross incompetence and dereliction of duty if the government doesn't require software signing and secure boot on every consumer accessible software system.