I know that domain authentication is required to get a certificate for HTTPS. But I really don't know why this is needed. Can't you just give a certificate without domain verification? What happens if I just give the certificate? Are there any concerns?
I searched the website, but couldn't find a satisfactory answer. I'm very curious about that part.