EFF, Others Launch New Free Security Certificate Authority To 'Dramatically Increase Encrypted Internet Traffic'

from the very-cool dept

The EFF and Mozilla along with some others, have teamed up to announce "Let's Encrypt" which is a new, free, certificate authority that is hoping to dramatically increase encrypted internet traffic when it launches next summer. The effort is being overseen by the Internet Security Research Group, which is the non-profit coalition of folks contributing to this effort. Not only is the effort going to offer free certificates, but also make it much easier to enable encryption.
We've argued for a long time about the importance of increasing encryption online, so it's great to see this effort.

Filed Under: certificate authority, encryption, https, let's encrypt, security, ssl
Companies: cisco, eff, internet security research group, mozilla


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    DannyB (profile), 18 Nov 2014 @ 1:32pm

    Browsers and Certificate Authorities

    Internet Browsers (FireFox, Chrome, Safari) and aspiring Internet Browsers (IE) have a list of certificates they trust.

    The organizations that create browsers and wannabe browsers decide for themselves which root certificates they trust. Or more importantly which Certificate Authorities (CAs) they trust.

    The requirements to get a certificate depend on the policies of the CA.

    Of course, to get included in the trusted roots of the major browsers, and browser wannabe, a CA has to jump through all of the hoops that each organization has for inclusion in its browser. It's way more complex than this, but simply, these requirements ensure that browsers only trust certificates issued by CA's that you would want to trust.

    In general, a certificate merely indicates that it really is for the domain name you typed into the address bar. For example, the certificate from Amazon.com ensures that (as long as you trust the root CA who signed it) this certificate really is from Amazon.com. The CA who signed it is certifying that the certificate wasn't just handed out willy nilly to just anyone off the street who wanted a certificate that says "Amazon.com".

    Some CA's offer various levels of assurance of the identity of who the certificate is issued to. But at the most basic level, it is ensuring that the server that answered your SSL is one that holds the certificate.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.