Yes, as a non-expert in linux, I realise I have to roll my sleeves up a bit sometimes, but I personally wouldn’t want new layers of stuff to deal with around certificates and security.
If a new person came along and contributed code, would it be somehow checked to see if it was doing anything naughty, e.g. contacting IP addresses?