The Internet Security Research Group (ISRG), which was formed earlier this year and includes members from Mozilla, EFF, Cisco, Akamai, CoreOS, and more, will release the public beta version of Let's Encrypt, the free automatic digital certificate service. On December 3, everyone will be able to use the Let's Encrypt HTTPS certificates to encrypt their websites' connections.
Let's Encrypt launched last November as an effort to break down the last major barrier for adoption of HTTPS encryption on the web: certificate cost, which many small website owners were not willing to pay.
The performance issue, which was another HTTPS adoption hurdle, has also disappeared thanks to modern hardware from the past few years and the standardization of HTTP/2, which in some cases is even faster than unencrypted HTTP/1.1.
The principles on which Let's Encrypt was created are the following:
- Free: Anyone who owns a domain can get a certificate validated for that domain at zero cost.
- Automatic: The entire enrollment process for certificates occurs painlessly during the server's native installation or configuration process, while renewal occurs automatically in the background.
- Secure: Let's Encrypt will serve as a platform for implementing modern security techniques and best practices.
- Transparent: All records of certificate issuance and revocation will be available to anyone who wishes to inspect them.
- Open: The automated issuance and renewal protocol will be an open standard and as much of the software as possible will be open source.
- Cooperative: Much like the underlying Internet protocols themselves, Let's Encrypt is a joint effort to benefit the entire community, beyond the control of any one organization.
The limited beta version of Let's Encrypt launched earlier this September, and the service issued 11,000 certificates so far. This gave the ISRG a good idea about how well the service is running, which is why it's now ready to switch to the public beta and open it up to everyone who wants one.
However, the group's Executive Director, Josh Aas, also said that there is still more work to be done on the client side. The automation feature is what they're focusing on right now, which is why the group welcomes any feedback so it can fix the issues as soon as they appear.
Lucian Armasu joined Tom’s Hardware in early 2014. He writes news stories on mobile, chipsets, security, privacy, and anything else that might be of interest to him from the technology world. Outside of Tom’s Hardware, he dreams of becoming an entrepreneur.