@aral wrote: "If your friends and family are trying to phish you, you have bigger problems."
Phishing means that an adversary *claiming to be* someone you know (including friends and family) convinces you to click on a link.
The purpose of a certificate, telling a receiver *WHO* (human readable) owns the associated private key (the last resort to distinguish between fake and authentic), now has completely vanished.
As if phishing is not already the nr. 1 problem on the internet.
Note: I'm fine with the idea provided that browsers clearly inform users about the reliability of authenticity (I've read your article, did you read https://infosec.exchange/@ErikvanStraten/113079966331873386 ?)
#Phishing#LetsEncrypt#DNS#DomainNames#Identification#Authentication