Internet Society Supports the Let’s Encrypt Initiative to Increase End-to-End Encryption Thumbnail
Encryption 8 October 2015

Internet Society Supports the Let’s Encrypt Initiative to Increase End-to-End Encryption

By Olaf KolkmanPrincipal - Internet Technology, Policy, and Advocacy
Thomas Wu
Thomas WuGuest Author

The Internet Society sees encryption as a new norm to enhance the security of, and thereby trust in, the Internet.

The community is establishing that norm: Encrypted end-to-end (server to browser) web traffic is on the rise, allowing secure communication that cannot be monitored by 3rd parties. However, to deploy encryption for web services, you need encryption protocols to be implemented, an authentication infrastructure, and to tie this all together in a way that is workable for end-users and for those that provide web services.

There are various threads of work that contribute to enhancing trust in the confidentiality of communication. For end-users, these enhancements are shipped with updates of their browser. For the maintainers of web servers, configuring secure communication is tedious and error prone, and an expensive process.

The Let’s Encrypt initiative addresses that aspect. From its website, Let’s Encrypt is “a free, automated, and open certificate authority (CA), run for the public’s benefit.”

Let’s Encrypt sets out to bring down the price of configuring secure and authenticated web servers in order to get more web servers to deploy secured transport for services.

The innovation of Let’s Encrypt is not that it offers free certificates (which is something that is done by other market parties) but that it has developed a protocol that allows for driving down operational overhead costs associated with certificate configuration. Using an open-sourced toolset and a protocol currently being standardized in the ACME working group in the IETF, it provides a toolchain that aspires to be ‘shoot-and-forget’ with two commands. This is very appealing to anybody who has ever configured a certificate in a web server. With Let’s Encrypt, all an operator needs to know is one command — letsencrypt — and all the certificate generation and signing magic will happen automagically.

Let’s Encrypt is a fully certified Certificate Authority infrastructure that will be trusted by all browsers. Currently it is issuing certificates to beta program participants.

We would like to see this initiative flourish and in order to support its initial growth and help it scale from a few thousand beta users to millions of production users, we joined the initiative as a gold sponsor for 2015-2016.

We are excited about the possibilities an initiative like Let’s Encrypt can bring, specifically for those that need to configure secure web services at scale. Check out the website and follow along as it gets up and running over the next few months!

Editorial Note: The Let’s Encrypt initiative also published a blog post today about the Internet Society’s sponsorship.

UPDATE – 3 Dec 2015 – Olaf published a follow-up post about the Let’s Encrypt initiative entering the public beta stage where invitations are no longer needed to participate.

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Strengthening the Internet 12 March 2024

Nevada Wants to Reduce Online Protections for Children: All Internet Users Should Benefit from Strong Encryption

Protect children online by supporting end-to-end encryption in Facebook Messenger. Join us in the fight against weakening online protection...

Strengthening the Internet 31 January 2024

Keeping Kids Safe Online: Navigating the New Parents’ Guide to Encryption

Do you know how you're keeping your kids safe online? Using encryption, there are simple changes you can make...

Encryption 21 September 2023

Techxit: The UK Declares Its Exit from the High-Tech Startup World

No one in their right mind would now want to start up a high-tech company in the UK. With...