> LE isn't primarily funded by non-profits, as you can see from the sponsor list here: https://isrg.org/sponsors/

I mean, Mozilla got the ball rolling and it's still run on donations (even if they come from private actors).

> Like I said, it may be cheaper in aggregate, but I think you'd need to make that case.

The PKI is already there: we have 7 people who can do a multisig for new root keys. There is a signing ceremony in a secure bunker somewhere that gets live streamed. The HSMs and servers are already paid for. Cert transparency/monitoring is nice but now it's hard-coded to HTTPS instead of being done more generically. There's a lot of duplicated effort.