Launching in (summer) 2015: A Certificate Authority to Encrypt the Entire Web by Peter Eckersley, Electronic Frontier Foundation, 18-November-2014.
Today EFF is pleased to announce Let’s Encrypt, a new certificate authority (CA) initiative that we have put together with Mozilla, Cisco, Akamai, IdenTrust, and researchers at the University of Michigan that aims to clear the remaining roadblocks to transition the Web from HTTP to HTTPS.
Although the HTTP protocol has been hugely successful, it is inherently insecure.
With a launch scheduled for summer 2015, the Let’s Encrypt CA will automatically issue and manage free certificates for any website that needs them. Switching a webserver from HTTP to HTTPS with this CA will be as easy as issuing one command, or clicking one button.
In our tests, it typically takes a web developer 1-3 hours to enable encryption for the first time. The Let’s Encrypt project is aiming to fix that by reducing setup time to 20-30 seconds.
Let’s Encrypt will employ a number of new technologies to manage secure automated verification of domains and issuance of certificates.
The Let’s Encrypt CA will be operated by a new non-profit organization called the Internet Security Research Group (ISRG). EFF helped to put together this initiative with Mozilla and the University of Michigan, and it has been joined for launch by partners...
The key principles behind Let’s Encrypt are:
* Free: Anyone who owns a domain can get a certificate validated for that domain at zero cost.
* Automatic: The entire enrollment process for certificates occurs painlessly during the server’s native installation or configuration process, while renewal occurs automatically in the background.
* Secure: Let’s Encrypt will serve as a platform for implementing modern security techniques and best practices.
* Transparent: All records of certificate issuance and revocation will be available to anyone who wishes to inspect them.
* Open: The automated issuance and renewal protocol will be an open standard and as much of the software as possible will be open source.
* Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the entire community, beyond the control of any one organization.
* Let’s Encrypt: Bringing HTTPS to Every Web Site by J. Alex Halderman, Freedom to Tinker, 18-November-2014.
* Launching in 2015: A Certificate Authority to Encrypt the Entire Web by mariusz79, Hacker News, 18-November-2014.
Note: hundreds of comments already
Edited by iamlost, 21 November 2014 - 04:45 PM.