Let’s Encrypt No Longer Checking Google Safe Browsing

Let’s Encrypt has stopped checking domains against the Google Safe Browsing API before issuance.

Google Safe Browsing is an API used primarily by browsers to protect users against phishing and malware sites. It’s a great way for users to help stay safe on the Web and we’re thankful to Google for providing the service.

Since 2015, Let’s Encrypt has been using this API to check domains before issuing certificates. If a domain was flagged as unsafe by Google Safe Browsing we would not issue a certificate.

We’ve stopped checking with Google Safe Browsing primarily because Domain Validation certificates are intended solely for use in securing the transfer of data between a site and its visitors. This is a critical component of a secure experience, but it does not mean that a site’s contents are safe. The question of whether or not content is safe is not one that we can accurately answer, and it is outside the scope of certificates and HTTPS.

You can read more about our perspective on CAs and malicious website content here.


A post was split to a new topic: Wildcards and safebrowsing