Quoting Steve Litt (slitt@???):

> What about the fact that Google gives higher rankings to secure
> accounts? For google togive that higher ranking, does self-signing
> suffice for enhanced rankings, or does one have to have a cert signed
> by a certification company like Let's Encrypt? This makes a big
> difference for business websites.

Obvious: For my sites, I don't care.

If I were running IT operations at, say, my ex-employer Cadence Design
Systems, I would pay DigiCert for a relatively meaningful cert
attestation -- which, oddly enough, is exactly what they do, for obvious
business reasons (because oblivious people use the Web and have money
to spend.) Business Web sites can justify the graft every 1-2 years to
get signatures that are not _quite_ as meaningless as those from Let's
Encrypt or one of the many low-end laugh factory CAs -- as Cadence does
in picking (apparently reputable, competent) DigiCert.[1]

Retrospective case studies of some of the latter from over the prior decade:
https://lists.dyne.org/lurker/message/20201203.213847.8bf66630.en.html


[1] I gave minor sideeye to DigiCert's acquisition in 2017 of
Symantec's gang-that-couldn't-shoot-straight CA/PKI division, but maybe
they through out the rotten apples. (Please note that nothing in this
post should be construed to endorse that or any other firm.)