> After all, https is about ensuring your sites's authenticity to your visitor via a trusted third-party certificate.
No longer especially that pre-LE, those same third-party sites already broke the rules, even with their EV offerings. Everything has been reduced to "is this domain at least controlled by them?" which is easily auditable (organisational verification has been significantly devalued). Now, Let's Encrypt only verifies domains and not trustworthiness (in fact, they won't revoke certificates known as phishing sites). Also EV certificates are nearly worthless unless you want to bypass many antivirus' HTTPS interception.
No longer especially that pre-LE, those same third-party sites already broke the rules, even with their EV offerings. Everything has been reduced to "is this domain at least controlled by them?" which is easily auditable (organisational verification has been significantly devalued). Now, Let's Encrypt only verifies domains and not trustworthiness (in fact, they won't revoke certificates known as phishing sites). Also EV certificates are nearly worthless unless you want to bypass many antivirus' HTTPS interception.