I've been reading about Let's Encrypt for a while. I understand that a fair amount of their trust that you are who you say you are is by demonstrating you have control over your DNS records. I look forward to something like this. I've been using self-signed certificates for years to get encryption (like on the squirrelmail client I'm writing this on), but have to deal with the security warnings and explain to other people that it's ok.
Harold