EFF, Others Launch New Free Security Certificate Authority To 'Dramatically Increase Encrypted Internet Traffic'

from the very-cool dept

The EFF and Mozilla along with some others, have teamed up to announce "Let's Encrypt" which is a new, free, certificate authority that is hoping to dramatically increase encrypted internet traffic when it launches next summer. The effort is being overseen by the Internet Security Research Group, which is the non-profit coalition of folks contributing to this effort. Not only is the effort going to offer free certificates, but also make it much easier to enable encryption.
We've argued for a long time about the importance of increasing encryption online, so it's great to see this effort.

Filed Under: certificate authority, encryption, https, let's encrypt, security, ssl
Companies: cisco, eff, internet security research group, mozilla

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    DannyB (profile), 18 Nov 2014 @ 1:32pm

    Browsers and Certificate Authorities

    Internet Browsers (FireFox, Chrome, Safari) and aspiring Internet Browsers (IE) have a list of certificates they trust.

    The organizations that create browsers and wannabe browsers decide for themselves which root certificates they trust. Or more importantly which Certificate Authorities (CAs) they trust.

    The requirements to get a certificate depend on the policies of the CA.

    Of course, to get included in the trusted roots of the major browsers, and browser wannabe, a CA has to jump through all of the hoops that each organization has for inclusion in its browser. It's way more complex than this, but simply, these requirements ensure that browsers only trust certificates issued by CA's that you would want to trust.

    In general, a certificate merely indicates that it really is for the domain name you typed into the address bar. For example, the certificate from Amazon.com ensures that (as long as you trust the root CA who signed it) this certificate really is from Amazon.com. The CA who signed it is certifying that the certificate wasn't just handed out willy nilly to just anyone off the street who wanted a certificate that says "Amazon.com".

    Some CA's offer various levels of assurance of the identity of who the certificate is issued to. But at the most basic level, it is ensuring that the server that answered your SSL is one that holds the certificate.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it

Email This

This feature is only available to registered users. Register or sign in to use it.