@aral wrote: "If your friends and family are trying to phish you, you have bigger problems."

Phishing means that an adversary *claiming to be* someone you know (including friends and family) convinces you to click on a link.

The purpose of a certificate, telling a receiver *WHO* (human readable) owns the associated private key (the last resort to distinguish between fake and authentic), now has completely vanished.

As if phishing is not already the nr. 1 problem on the internet.

Note: I'm fine with the idea provided that browsers clearly inform users about the reliability of authenticity (I've read your article, did you read https://infosec.exchange/@ErikvanStraten/113079966331873386 ?)

@letsencrypt

#Phishing#LetsEncrypt#DNS#DomainNames#Identification#Authentication