Also certificate does not ensure the website is safe, only that you are really talking with the server the URL points to, and not a man-in-the-middle trying to hijack your information (like passwords or payment details).
Nothing stops a malicious site to have a valid https certificate. Sure, more spam-friendly Certification Authorities like Let’s Encrypt might revoke spammy certificate, but that’s not nevesserily always true.
Also it’s no indication that the server itself is secure - if I manage to get access to… say Amazon’s webserver, I could modify it to send all credit card details, usernames, passwords, etc. to me when someone buys something/logs in. The certificate wouldn’t indicate any of that
Also certificate does not ensure the website is safe, only that you are really talking with the server the URL points to, and not a man-in-the-middle trying to hijack your information (like passwords or payment details).
Nothing stops a malicious site to have a valid https certificate. Sure, more spam-friendly Certification Authorities like Let’s Encrypt might revoke spammy certificate, but that’s not nevesserily always true.
Also it’s no indication that the server itself is secure - if I manage to get access to… say Amazon’s webserver, I could modify it to send all credit card details, usernames, passwords, etc. to me when someone buys something/logs in. The certificate wouldn’t indicate any of that