Just two months ago, a security team member dinged one of our services for using Let’s Encrypt, as “it’s not as secure as a traditional CA”.
It’s sad that these arguments are still being shared. It was the same arguments years ago from people that would just assume that a free cert was inherently unsafe.
I’d love for them to explain how. If anything, the short cert validity and constant re-checking of the domain seem more secure than traditional CAs.
I’d also argue that the fact that it’s 100% automated and their software is open source makes it objectively more secure. On the issuing side, there’s no room for human error, social engineering, etc.