The point isn't how easy/lazy it is, the point is to avoiding have to trust (now apparently) untrustworthy CAs. Maintaining your own CA (is that what you mean by signing certificate?) might be OK if you're the only user, but asking other people to install your CA is a right pain, and then you have to worry about keeping the CA secure, plus all the regular PKIX hassles of updating certs etc.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds