Vapourware no more: Let's Encrypt announces first cert dates

Free certs for me and all my friends! In September! For Freedom!


The Mozilla-backed Let's Encrypt effort is moving out of its vapourware phase, announcing general availability for September 2015 and an intention to issue its first certificate in the week of July 27.

Launched last year by Mozilla, the Electronic Frontier Foundation (EFF) and Cisco, Let's Encrypt's aim is to create no-charge SSL certs in aid of the HTTPS-everywhere cause.

At the time, the group write that “For many server operators, getting even a basic server certificate is just too much of a hassle. The application process can be confusing. It usually costs money. It’s tricky to install correctly. It’s a pain to update.”

The timing is important, since Mozilla earlier this month announced to the world its intention to deprecate start a kind of rolling degradation of sites that don't move to HTTPS.

At that time, The Register noted: “Perhaps Let's Encrypt will be just that and solve two of the three problems with the transition to a secure web”.

Let's Encrypt says its first certs will be issued “under tightly controlled circumstances”.

“No cross-signature will be in place yet, so the certificates will not validate unless our root is installed in client software. As we approach general availability we will issue more and more certificates, but only for a pre-approved set of domains.”

Its reasoning is that the certificates have to be “secure, compliant, and scalable” before the system goes G/A.

When that happens – due in the week of September 14 – the group says an IdenTrust cross-signature will be in place so that its certs will validate automatically for most users. ®

Similar topics


Other stories you might like

  • Japan picks AWS and Google for first gov cloud push

    Local players passed over for Digital Agency’s first project

    Japan's Digital Agency has picked Amazon Web Services and Google Cloud for its first big reform push.

    The Agency started operations in September 2021, years after efforts like the UK's Government Digital Service (GDS) or Australia's Digital Transformation Agency (DTA). The body was a signature reform initiated by Prime Minister Yoshihide Suga, who spent his year-long stint in the top job trying to curb Japan's reliance on paper documents, manual processes, and faxes. Japan's many government agencies also operated their websites independently of each other, most with their own design and interface.

    The new Agency therefore has a remit to "cut across all ministries" and "provide services that are driven not toward ministries, agency, laws, or systems, but toward users and to improve user-experience".

    Continue reading
  • Singaporean minister touts internet 'kill switch' that finds kids reading net nasties and cuts 'em off ASAP

    Fancies a real-time crowdsourced content rating scheme too

    A Minister in the Singapore government has suggested the creation of an internet kill switch that would prevent minors from reading questionable material online – perhaps using ratings of content created in real time by crowdsourced contributors.

    "The post-COVID world will bring new challenges globally, including to us in the security arena," said Minister for Defence Dr Ng Eng Hen at a Tuesday ceremony to award the city-state's 2021 Defense Technology Prize.

    "For operations, the SAF (Singapore Armed Force) has to expand its capabilities in the digital domain. Whether for administrative or operational purposes, I think that we will need to leverage technology to the maximum," he declared.

    Continue reading
  • China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks

    FCC urges more action against Huawei and DJI, too

    The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.

    In its announcement of the termination, the government agency explained the decision is necessary because the national security environment has changed in the years since 2002. That was when China Telecom was first allowed to operate in the USA.

    The FCC now believes – partly based on classified advice from national security agencies – that China Telecom can "access, store, disrupt, and/or misroute US communications, which in turn allow them to engage in espionage and other harmful activities against the United States." And because China Telecom is state-controlled, China's government can compel the carrier to act as it sees fit, without judicial review or oversight.

    Continue reading

Biting the hand that feeds IT © 1998–2021