The Internet Society sees encryption as a new norm to enhance the security of, and thereby trust in, the Internet.
The community is establishing that norm: Encrypted end-to-end (server to browser) web traffic is on the rise, allowing secure communication that cannot be monitored by 3rd parties. However, to deploy encryption for web services, you need encryption protocols to be implemented, an authentication infrastructure, and to tie this all together in a way that is workable for end-users and for those that provide web services.
There are various threads of work that contribute to enhancing trust in the confidentiality of communication. For end-users, these enhancements are shipped with updates of their browser. For the maintainers of web servers, configuring secure communication is tedious and error prone, and an expensive process.
The Let’s Encrypt initiative addresses that aspect. From its website, Let’s Encrypt is “a free, automated, and open certificate authority (CA), run for the public’s benefit.”
Let’s Encrypt sets out to bring down the price of configuring secure and authenticated web servers in order to get more web servers to deploy secured transport for services.
The innovation of Let’s Encrypt is not that it offers free certificates (which is something that is done by other market parties) but that it has developed a protocol that allows for driving down operational overhead costs associated with certificate configuration. Using an open-sourced toolset and a protocol currently being standardized in the ACME working group in the IETF, it provides a toolchain that aspires to be ‘shoot-and-forget’ with two commands. This is very appealing to anybody who has ever configured a certificate in a web server. With Let’s Encrypt, all an operator needs to know is one command — letsencrypt — and all the certificate generation and signing magic will happen automagically.
Let’s Encrypt is a fully certified Certificate Authority infrastructure that will be trusted by all browsers. Currently it is issuing certificates to beta program participants.
We would like to see this initiative flourish and in order to support its initial growth and help it scale from a few thousand beta users to millions of production users, we joined the initiative as a gold sponsor for 2015-2016.
We are excited about the possibilities an initiative like Let’s Encrypt can bring, specifically for those that need to configure secure web services at scale. Check out the website and follow along as it gets up and running over the next few months!
Editorial Note: The Let’s Encrypt initiative also published a blog post today about the Internet Society’s sponsorship.
UPDATE – 3 Dec 2015 – Olaf published a follow-up post about the Let’s Encrypt initiative entering the public beta stage where invitations are no longer needed to participate.