General Discussion • Re: Enforced https on public sites

Semi-related. Who determines that a CA is trustworthy, but me self signing a cert for my own domain is not trustworthy? It seems kind of pointless if Let’s Encrypt will just issue a free certificate to anybody?

Primarily the CA/B forum determines who is trusted. Then the browsers incorporate root certificates based on those decisions. And those holding root certificates delegate trust down to individual CAs by signing CA certificates. You can, however, trust anyone you want by importing the signing certificates into your certificate store in the browser.