@Dee that's not really what centralized means. all of the issued certs work fine even if LE is totally offline.
@Dee correct, but iirc the certs are good for 90 days and they renew with weeks of headroom. LE could be offline for hundreds of hours and properly configured servers would all be fine.
@sneak @Dee At the end of the day the root CAs are major points of failure no matter which one you go with; your SSL cert is useless unless everyone trusts the CA that issued the cert. The "decentralized" approach IMO would be everyone issuing their own certs combined with "trust on first use" like in gemini-space.
I do agree though that LE is a big deal because it's the only issuer that does simple domain-validation and is gratis; all others are organizational validation and charge you $$