Like the TSA at the airport.
Security that we never needed before, but now suddenly we do.
Now we’re dependent on a third party gatekeeper for permission to have a web site.
Free, for now.
It’s a move by the weasels-that-be to turn the Internet into yet another tool for profit and control.
No, it is not a scam or like the TSA. (… which is of much less clear benefit, but that’s a different story.)
How do you figure? Dropping unsafe practices earlier would’ve been a great idea, it was just another item in the long list of “people suck at technology”, that stuck around out of habit and sloppiness. HTTPS is not new, but for a long time it was much more acceptable to deal with plain unsafe solutions for many uses. Since setting up an HTTPS site for free got very, very easy, there just weren’t many excuses left.
Sort of. By necessity, in a chain of trust, the buck has to stop somewhere, that’s your root “authority”. In some cases you just make your own on the logic that you trust yourself, or accept some other cert/authority as trusted, or tell the browser “yeah whatever, I know what I’m doing” if you know it’s safe. The catch is that then, for any number of reasons, you can’t necessarily know it’s safe.
No offense, are you sure you have the technical background required to know that?
Websites were already dependent on third parties for domain registration in the first place, so OPs complaint about cert authorities makes less sense.
Good parallel. Trusting DNS with interpreting a hostname is not all that different from trusting CAs about whom else you should trust.