Let’s Encrypt Launches in 2015

The Electronic Frontier Foundation (EFF) has been working for years to get encryption to become a standard for all web users. In 2009, they started pushing to have HTTPS become the standard. Now they are behind the Let’s Encrypt movement, a certificate authority or CA project. This plan will help get the web on HTTPS by default. This will serve to protect all Internet users from dangers like spying, account hacking and theft.

The EFF Web Encryption Initiative

The encryption of the Web was a long-term project from the very beginning. The EFF knew that it would not be that easy to get the entire Web to use secure HTTP. But Internet users desperately need the protection that the move from HTTP hypertext to HTTPS would provide. There are so many threats that the average Internet user faces every day. These include government spying, corporate tracking, account hacking, financial fraud, identity theft, social engineering scams, malicious cookies, Internet content censorship, and so many more. All we need to prevent the majority of these threats from victimizing Internet users is to encrypt their Internet traffic.

The EFF began working to encrypt the Web by approaching some major websites. These were mostly Internet companies like Google and huge platforms like Facebook and Twitter. The EFF urged these sites to begin providing HTTPS on their sites. Users responded well to this and the plan moved forward. Now, Google, for example, uses HTTPS by default for almost all of their pages and tools.

The second stage was the creation and introduction of the EFF browser extension HTTPS Everywhere. This allowed users who liked having HTTPS protection to get this form of any website they wanted by default. This year, HTTPS Everywhere has a total of over three million users. Hundreds of billions of Internet requests are now being encrypted as a result of the efforts made by the EFF.

The EFF is well informed on encryption. They are aware that encryption can fail to secure a user if the protocols that are used are faulty. So the next step that they took was to launch further plans to support HTTPS. They now have Sovereign Keys and the SSL Observatory. These programs exist to ensure that the encryption of TLS, SSL and HTTPS are capable of giving people the encryption that they need to stay secure online. In addition, they put together their report on the Encrypt the Web project. This report along with the EFF mailing list for crypto ops helps Internet companies to use web encryption correctly so that it does not have any weaknesses that any entity can exploit.

The EFF isn’t stopping there, of course. They know that we all still have a very long way to go to secure Web users everywhere. They are continuing with several projects, and the most notable of these these days is called Let’s Encrypt.

Let’s Encrypt Certificate Authority

Let’s Encrypt is a new CA that the EFF is working on collaboratively with Akamai, Cisco, IdenTrust, Mozilla, and several University of Michigan researchers. More information abot the Let’s Encrypt effort can be read on their website, The EFF has high hopes that the Let’s Encrypt project will ease everyone through the shift to HTTPS. There are a lot of issues that stand in the way of this transition, but the EFF is confident that we will soon be able to have encryption everywhere that we go on the Internet.

HTTPS is not perfect, of course, but using this as the standard will tremendously improve Web security. Let’s Encrypt is due to be well underway by summer next year. It will work by giving certificates to any website that wants to use HTTPS, and these certificates will be issued for free. It will also be very easy for websites to implement. This takes care of what might be the most problematic aspect of the switch from HTTP, which is the intricacy of changing everything over. Making the transition on a web server often produces a lot of errors. There is certificate misconfiguration and red tape, not to mention the high costs associated with the switch. So the EFF has put their heads together with these other groups to provide a way for websites to implement HTTPS without all of these hassles. Instead of taking up three hours to put in encryption, developers can trim it down to half a minute with Let’s Encrypt.

Let’s Encrypt, under the management of the Internet Security Research Group, is going to handle automated verification in a secure way. It will depend on new methods to issue certificates and verify domains. One of the protocols for Let’s Encrypt that the EFF is working on now is called ACME. This protocol will be used between the CA and the web servers switching to HTTPS to ensure better domain validation. The Certificate Transparency logs of Google, the scans.io of the University of Michigan, the Decentralized SSL Observatory of the EFF, and other certificate data sets will also be employed so that better security decisions can be made when validating authentic certificates.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)
Filed in: News

Get Updates

Share This Post

Recent Posts

Leave a Reply

Submit Comment

© Get Best VPN Service in Europe. All rights reserved.