Please read the following article: https://resources.infosecinstitute.com/cybercrime-exploits-digital-certificates
You have completely skipped the points I have made about the insider threat and the complacency which free and automated begets.
Let’s say LE suffers one of the breaches described in the article above… Its certs will be revoked. If a website is hosted by a company who chose LE for its convenience and price — again, a central point in my essay — there is a good chance traffic to their site drops dramatically, their search engine ranking crater, and the business folks are none the wiser.
Every single person who has responded to my essay has responded from what I call the “crowded perspective.” If you look at any subject you are looking at it from a certain perspective. What we in tech fail to perceive is when that perspective becomes crowded to the point where we all see the same thing and start congratulating ourselves for how smart we are, we fall victim to group-think…
So break out of the crowded perspective and find another spot on the “sphere” around the subject. Look at SSL certs from the perspective and motivations of the non-technical business person and you see that “free” and “automated” come with a whole set of risks we have not accounted for — because we have all crowded into the same perspective without even realizing it.