For example, anyone could use Let’s Encrypt to get a trusted certificate, so what makes this trustworthy? Or why not trust everyone that signs their own certificates with a program like OpenSSL?

  • Skelectus@suppo.fi
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    It’s less about the trustworthiness of the site and more about confirming the site’s identity. Maybe the original is a scam site, but at least you know it’s the original.