this post was submitted on 09 Aug 2023
55 points (96.6% liked)

Explain Like I'm Five

14575 readers
2 users here now

Simplifying Complexity, One Answer at a Time!

Rules

  1. Be respectful and inclusive.
  2. No harassment, hate speech, or trolling.
  3. Engage in constructive discussions.
  4. Share relevant content.
  5. Follow guidelines and moderators' instructions.
  6. Use appropriate language and tone.
  7. Report violations.
  8. Foster a continuous learning environment.

founded 2 years ago
MODERATORS
Rikudou_Sage
[email protected]
sabbah
AradFort
Don_Dickle
55
Why are CAs important if anyone can get their certificate signed for free? (self.explainlikeimfive)
submitted 1 year ago by lemmington_steele to c/explainlikeimfive
10 comments fedilink hide all child comments
 

For example, anyone could use Let's Encrypt to get a trusted certificate, so what makes this trustworthy? Or why not trust everyone that signs their own certificates with a program like OpenSSL?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 year ago

You still have to provide some proof that you are who you say you are by publishing a specific webpage on the site that will get the certificate or by publishing a specific DNS record on the domain. Self-signed certs don't have that requirement so people could make certs for google.com if they wanted to.