Most Certificates Don't Improve Security, They Mostly Increase Downtime (for No Good Reason)
Certificates are not a "conspiracy to sell you newer BS" or "more certificates", but some types of them are truly annoying. Certificates often get in the way of work and add to the amount of work people need to do, especially sys admins and developers. Certificates in many contexts are necessary and benign; in other contexts it seems more like a cartel eager to sell people over and over again things that are meant to just expire frequently and with no (or little) prior notice. The consequences of expiry are increasingly severe; a lot of software is hard-coded to outright reject, not warn about, expired certificates. Worse yet, a lot of software is hard-wired to not accept any self-signed certificates, which seems absurd.
Consider what's happening today in the main, official hub for Geminispace:
Oh, great!! Thanks for "protecting us" from this "dangerous site" with the "expired" (older date) certificate. Haven't we seen this before?
Regardless, the above does not impact any other capsules. In Geminispace the management of certificates is not centralised (unlike the Web). This site (capsule) and its sister site (capsule) are serving about 90,000 Gemini pages per day. The 'Gemini sites' (capsules) are a growing force and there's a fast-growing number of capsules out there, soon 3,200 active ones according to Lupa:
These figures were updated around 4AM this morning. They say that only 5 known capsules still use Let's Encrypt, which is centralised around Linux Foundation sponsors, i.e. Big Business with military/back doors fetish. █