Come Summer 2015, webmasters not already using SSL/TLS certificates to encrypt their website’s traffic will be able to do so for free using a single package that automates the whole process of proving to a certificate authority (CA) that they own their domain, getting and installing the certificate and even renewing and revoking it as needed.
What is currently a hassle will be taken care of simply by typing two commands – <strong>sudo apt-get install lets-encrypt; lets-encrypt example.com</strong>. That will be like going from HTTP to HTTPS in a flash.
That early 2015 Xmas present will come courtesy of Let’s Encrypt, a new Certificate Authority (CA) that, starting next year, will be providing free, automated and open digital certificates. The whole process will be made possible by the Automated Certificate Management Environment (ACME), “a protocol for automating the management of domain-validation certificates, based on a simple JSON-over-HTTPS interface.”
Let’s Encrypt is a service of Internet Security Research Group (ISRG), a non-profit organization formed by Mozilla Corporation, Cisco Systems, Inc., Akamai Technologies, Electronic Frontier Foundation, IdenTrust, Inc., and researchers at the University of Michigan.
Let’s Encrypt is a service I’m looking forward to, because, as you can see, this website is still using HTTP. So yes, I’m rooting for ISRG. For a technical overview of how the service will work, visit https://letsencrypt.org/howitworks/technology/. The code behind ACME is hosted at GitHub, so if you’re a coder and have the time to contribute, head over to https://github.com/letsencrypt/acme-spec.
Figure 1: How Let’s Encrypt will work.
