this post was submitted on 09 Aug 2023
49 points (96.2% liked)

Explain Like I'm Five

14280 readers
1 users here now

Simplifying Complexity, One Answer at a Time!

Rules

  1. Be respectful and inclusive.
  2. No harassment, hate speech, or trolling.
  3. Engage in constructive discussions.
  4. Share relevant content.
  5. Follow guidelines and moderators' instructions.
  6. Use appropriate language and tone.
  7. Report violations.
  8. Foster a continuous learning environment.

founded 1 year ago
MODERATORS
 

For example, anyone could use Let's Encrypt to get a trusted certificate, so what makes this trustworthy? Or why not trust everyone that signs their own certificates with a program like OpenSSL?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] Varen@kbin.social 8 points 1 year ago (1 children)

the Cert just confirms, that the domain your accessing is belonging to who owns it. When you signup for a cert at LetsEncrypt, you have to run a script on the source, which confirms as your domain.
You wouldn't be able to get a Cert for e.g. amazon.com - because you wouldn't be able to run that specific script on the source and so LetsEncrypt couldn't confirm if that domain really is yours or not. And that's as well the reason, why not trust everyone,

perfect! thank you :)