I always assumed Let's Encrypt was an NSA front so that they can decrypt most of the HTTPS traffic.
Remember just after the Snowden revelations all the three-letter agencies were very worried about HTTPS adoption rising, then their concerns suddenly disappeared.
However I have no idea how encryption works so maybe my hunch is stupid (I remember that the NSA impersonated a certificate authority for that purpose).
> However I have no idea how encryption works so maybe my hunch is stupid
Your words, not mine.
The person who created Let's Encrypt started it as his thesis in college. From there he received assistance from the EFF, some of its staff, and a few other volunteers. None of them are anonymous, all working in the space before Let's Encrypt. It's fully open source and there are no backdoors in TLS encryption.
I think you don't understand how certificates are created. You never have Let's Encrypt create a private key for you. You do it yourself, and LE just gives you a signed proof it acknowledged the new cert.
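The issuance flow described in the comment above, as an added example that is not part of the original thread: the key pair is generated locally and the certificate signing request (CSR) sent to a CA carries only the public key. It assumes the `openssl` CLI is installed; the domain `example.test` and the file names are placeholders.

```shell
#!/bin/sh
# Added illustration: shows which material a CA receives during issuance.
# example.test and the file names are constructed placeholders.
set -eu

make_key_and_csr() {
    # $1 = working directory, $2 = domain name to request
    # The private key is created on this machine and is never sent anywhere.
    openssl genrsa -out "$1/site.key" 2048 2>/dev/null
    # The CSR holds the subject name and the public key, signed with the
    # private key as proof of possession. This file is what the CA sees.
    openssl req -new -key "$1/site.key" -subj "/CN=$2" -out "$1/site.csr"
}

# Public key embedded in the CSR (SubjectPublicKeyInfo, PEM).
csr_pubkey() { openssl req -in "$1" -noout -pubkey; }

# Public key derived from the locally held private key.
key_pubkey() { openssl pkey -in "$1" -pubout; }

# Succeeds only if the given file can be loaded as a private key.
has_private_key() { openssl pkey -in "$1" -noout >/dev/null 2>&1; }

demo() {
    dir=$(mktemp -d)
    make_key_and_csr "$dir" example.test
    if [ "$(csr_pubkey "$dir/site.csr")" = "$(key_pubkey "$dir/site.key")" ]; then
        echo "CSR public key matches the local key pair"
    fi
    if has_private_key "$dir/site.csr"; then
        echo "CSR contains a private key"
    else
        echo "CSR contains no private key"
    fi
    rm -rf "$dir"
}

demo
```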
You'd need to issue a fake certificate to do a MITM attack; they wouldn't be able to decrypt existing traffic without issuing one, which would be noticed by someone watching. Key pinning would have helped with that, but it was mostly used to accidentally lose your keys and lock people out of your server.